我想要使用boto3为我的aws帐户提供凭据报告。操作如下:
iam = boto3.client('iam',aws_access_key_id=access_key_id,aws_secret_access_key=secret_key,region_name=region)
creds=iam.get_credential_report()
print(creds)
它提供以下格式的输出:
{"内容":b'user、arn、user_creation_time、password_enabled、password_last_used、password_last_changed、password_next_rrotation、mfa_active、access_key_1_active、access_key_1_last_rotated、access_key _1_last_used_date、access_key_1_last_used_region、access_key_1_last _used_service、access_ey_2_active sed_service,cert_1_active,cert_1_last_rotated,cert_2_active;root_account>,arn:aws:iam::407203256002:root,2021-03-23T04:31:49+00:00,not_supported,2021-04-14T12:01:30+00:0,not_supported,not_ssupported,false,true,2021-03-31T05:36:58+000:002021-04-11T12:42:00+00:00,us-east-1,iam,false,N/A,N/A false,N/A,N/A,N/A,N/A,false,N/A、false,N/A\nuser-02,arn:aws:iam::407203256002:user-022021-03-31T12:17:11+000:00,true,no-information,2021-03-31D12:17:14+000:002021-06-29T12:17:14+000:00、false、false、N/A、N/A和N/A,false、N/A,不适用,不适用user_032021-04-07T12:00:50+000:00,false,N/A,N/A,N/A,N/A,false,N/A、false,N/A','ReportFormat':'text.csv','GeneratedTime':datetime.datetime(2021,4,14,12,48,22,tzinfo=tzutc(((,"ResponseMetadata":{"RequestId":"5a82a64b-9e15-456f-a5db-95c6ae3918b1","HTTPStatusCode":200,"HTTPHeaders":{"x-amzn-RequestId":"5a 82a64B-9e15-456-a5db-95c6ae3918b1',"内容类型":"text/xml","内容长度":"2129","varie':"接受编码","日期":"2021年4月14日星期三12:50:39 GMT"},"重试":0}
有办法把它改成字典格式吗?
iam.get_credential_report()的结果实际上已经是一个(嵌套的(dict,但感兴趣的部分'Content'通常是CSV形式(作为bytes,而不是str(。亲眼目睹:
>>> list(creds.keys())
['Content', 'ReportFormat', 'GeneratedTime', 'ResponseMetadata']
您可以观察到内容采用CSV格式:
>>> creds['ReportFormat']
'text/csv'
最后,您可以使用pandas和io将其转换为一个漂亮且可用的DataFrame:
import io
import pandas as pd
df = pd.read_csv(io.BytesIO(creds['Content']))
或者,如果你已经知道哪些列是日期,并且你想做一些日期/时间分析:
df = pd.read_csv(
io.BytesIO(creds['Content']),
parse_dates=['user_creation_time', 'password_last_used'] # etc.
)
是。您可以使用python-csv模块转换为dict,但您需要先清洗一下凭据报告:
import csv
iam = boto3.client('iam',aws_access_key_id=access_key_id,aws_secret_access_key=secret_key,region_name=region)
creds = iam.get_credential_report()
# First go from bytes to a list of strings
content = creds["Content"].decode("utf-8")
content_lines = content.split("n")
# Initiate the reader, convert that to a list and turn that into a dict
creds_reader = csv.DictReader(content_lines, delimiter=",")
creds_dict = dict(enumerate(list(creds_reader)))
print(creds_dict)
结果与此类似:
{0: {'user': '<root_account>', 'arn': 'arn:aws:iam::12456789088:root'....
{1: {'user': 'admin', 'arn': 'arn:aws:iam::12456789088:root'....