I've set the tag Terraform = true on all resources created by Terraform, and now I am wondering whether it is possible to get all AWS resources (VPC, subnets, EC2, etc.) via awscli with this tag. How do you manage this problem?

ipeacocks
    I don't believe there's a single command that'll fetch all resources - you'd have to do it separately for each type (one for VPC, another for EC2 instances, etc.) – ceejayoz Jul 14 '18 at 13:57

1 Answer

AWS Config

AWS Config is a service that enables you to assess, audit, and evaluate the configurations of your AWS resources. Config continuously monitors and records your AWS resource configurations and allows you to automate the evaluation of recorded configurations against desired configurations.
https://docs.aws.amazon.com/config/latest/developerguide/WhatIsConfig.html

There is no CLI command that describes tags for every resource. The AWS CLI is split up by each service. Instead, what you need to do is set up a Config rule that audits the resources in your environment.

There is already a "required-tags" config rule that you can use by default. I set it up really quickly to test, and in the console I can query every single resource for a particular tag. I haven't used the Config CLI, but I assume that you can find the appropriate command to script that as well.
https://docs.aws.amazon.com/cli/latest/reference/configservice/index.html

You will need to set up Config to record resources and wait for it to index your account, but after that you should be golden.

Brandon
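The Config CLI step that the answer leaves open can be scripted roughly as below. This is an added example, not part of the original answer; the rule name `required-tags` and the `deploy`/`list` subcommands are assumptions, and it needs a running Config recorder plus credentials for the account.

```shell
#!/bin/sh
# Added example: deploy the AWS-managed REQUIRED_TAGS rule for the
# Terraform=true tag and list the resources it has evaluated.
# RULE_NAME is an assumed name; override it via the environment.
RULE_NAME="${RULE_NAME:-required-tags}"

# Print the rule definition for put-config-rule.
# $1 = tag key, $2 = required tag value.
# InputParameters is a JSON document carried as an escaped string.
required_tags_rule_json() {
  cat <<EOF
{
  "ConfigRuleName": "${RULE_NAME}",
  "Source": { "Owner": "AWS", "SourceIdentifier": "REQUIRED_TAGS" },
  "InputParameters": "{\"tag1Key\":\"$1\",\"tag1Value\":\"$2\"}"
}
EOF
}

# Create or update the rule in the current account and region.
deploy_rule() {
  aws configservice put-config-rule \
    --config-rule "$(required_tags_rule_json "$1" "$2")"
}

# List evaluated resources as "<type>\t<id>" rows.
# $1 = COMPLIANT (tag present) or NON_COMPLIANT (tag missing).
list_resources() {
  aws configservice get-compliance-details-by-config-rule \
    --config-rule-name "$RULE_NAME" \
    --compliance-types "$1" \
    --query 'EvaluationResults[].EvaluationResultIdentifier.EvaluationResultQualifier.[ResourceType,ResourceId]' \
    --output text
}

# Entry point: "deploy" once, then "list" after Config has evaluated.
case "${1:-}" in
  deploy) deploy_rule Terraform true ;;
  list)   list_resources "${2:-COMPLIANT}" ;;
esac
```

`list NON_COMPLIANT` gives the resources missing the tag, which is the list to review for anything created outside Terraform. The managed rule only evaluates the resource types it supports, so an empty result for a type does not mean every resource of that type is tagged.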