Skip to main content

AWS Inventory Report

In a Nutshell
What will I learn?In this tutorial we will generate a simple inventory report that shows AWS resources deployed in a specific account, broken down by category.

What you'll need

Software & Services

Permissions & Access

AWS provide an existing ReadOnlyAccess IAM Policy that covers all of the permissions needed for this tutorial. You can simply attach this AWS provided IAM Policy to your existing IAM User, Group or Role

Attach Existing IAM Policy
Screenshot: Attach Existing IAM Policy


In each of the examples below we will take advantage of several of the environment variables that are loaded and set when we activate a set of credentials in AWSH

In each of the examples below we will take advantage of several of the environment variables that are loaded and set when we activate a set of credentials in AWSH

env | grep ^AWS_
AWS_SESSION_EXPIRATION=2022-11-28 16:05:01
AWS_ID_NAME=dummy-account/[email protected]

We will use these environment variables to generate useful report names

This tutorial also makes use of one of the built-in commands available in AWSH awsh report-inventory which allows us to generate our output report in multiple formats. To find out more about all of the helper commands and utilities available in AWSH check out the full documentation here.

The report will generate at least two files within the current directory or in the specified directory for any of the specified formats:

  • aws-inventory-report-global.>format<: Brings inventory information about AWS Global resources, such as: AWS Cloudtrail, IAM certificates, IAM roles, IAM users and more.
  • aws-inventory-report-eu-west-1.>format<: Brings inventory information about AWS resources that are region based, such as: EC2, ACM, VPC, EBS, ECS and more.

Simple Format Report

  • Create a simple text inventory report

    awsh report-inventory
  • Here is a sample output generated from the inventory report (simple)

    AWS Inventory Report: Global Resources

    AWS Account : AIDAV5ExampleCCT3C
    Created from AWS Region : eu-west-1
    Created By : arn:aws:iam::12345678:user/joe.dolan
    Created Date : Thu Jan 5 15:17:26 UTC 2022


    RoleName PolicyName PolicyArn
    --------------------------------------------------- ---------------------------------- ---------------------------------------------------------------------------
    AWSReservedSSO_AdministratorAccess_bf057cae2e5c3eef AdministratorAccess arn:aws:iam::aws:policy/AdministratorAccess
    AWSReservedSSO_ViewOnlyAccess_002e0e3abbe44533 ViewOnlyAccess arn:aws:iam::aws:policy/job-function/ViewOnlyAccess
    AWSServiceRoleForAutoScaling AutoScalingServiceRolePolicy arn:aws:iam::aws:policy/aws-service-role/AutoScalingServiceRolePolicy
    AWSServiceRoleForOrganizations AWSOrganizationsServiceTrustPolicy arn:aws:iam::aws:policy/aws-service-role/AWSOrganizationsServiceTrustPolicy
    AWSServiceRoleForSSO AWSSSOServiceRolePolicy arn:aws:iam::aws:policy/aws-service-role/AWSSSOServiceRolePolicy
    AWSServiceRoleForSupport AWSSupportServiceRolePolicy arn:aws:iam::aws:policy/aws-service-role/AWSSupportServiceRolePolicy
    AWSServiceRoleForTrustedAdvisor AWSTrustedAdvisorServiceRolePolicy arn:aws:iam::aws:policy/aws-service-role/AWSTrustedAdvisorServiceRolePolicy

Markdown Format Report

  • Get the data from the AWS API using AWSH

    awsh report-inventory -f pipe
  • The Markdown format report is plain text but can be converted into many other common formats (HTML, PDF, MS Word, etc). One of our favourite online converters is or the extensions available for Microsoft VS Code

Markdown Report
Screenshot: Markdown Report

HTML Format Report

Styling your HTML

The generated HTML automatically includes the Bootstrap framework and can be styled using any compatible CSS

  • Create an HTML header for our report

    awsh report-inventory -f html -d .

Now that you've had a look around why not check out the full documentation here.

Want to find out more?

At Hestio, we have taken our experience with designing and building on cloud to codify these patterns and made them available as a low-code pattern library for AWS. Why spend time and effort on reinventing the wheel when it's already a solved problem? Would you start developing office productivity software in a world where Microsoft Office already exists?

If you'd like to find out about worX, our low-code patterns library for AWS you can read more here or get in touch today to schedule a demo.

If you'd like to find out more about the products and services Hestio has to offer, select one of the options below.