{"id":13624482,"url":"https://github.com/awslabs/aws-multi-account-viewer","last_synced_at":"2025-04-16T00:32:35.343Z","repository":{"id":47422136,"uuid":"202444163","full_name":"awslabs/aws-multi-account-viewer","owner":"awslabs","description":"Serverless app designed for any customer with two or more accounts to view resources across accounts/regions in simple single pane of glass website","archived":true,"fork":false,"pushed_at":"2023-10-18T01:51:08.000Z","size":11129,"stargazers_count":110,"open_issues_count":2,"forks_count":42,"subscribers_count":9,"default_branch":"master","last_synced_at":"2024-08-01T22:00:12.636Z","etag":null,"topics":["aws","cloudformation","cloudformation-templates","organizations","python","serverless"],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit-0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/awslabs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-08-15T00:12:35.000Z","updated_at":"2024-05-15T18:06:48.000Z","dependencies_parsed_at":"2024-05-28T13:50:42.438Z","dependency_job_id":null,"html_url":"https://github.com/awslabs/aws-multi-account-viewer","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/awslabs%2Faws-multi-account-viewer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/awslabs%2Faws-multi-account-viewer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/awslabs%2Faws-multi-account-viewer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/awslabs%2Faws-multi-account-viewer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/awslabs","download_url":"https://codeload.github.com/awslabs/aws-multi-account-viewer/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":223691622,"owners_count":17186858,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","cloudformation","cloudformation-templates","organizations","python","serverless"],"created_at":"2024-08-01T21:01:43.053Z","updated_at":"2024-11-08T13:30:35.421Z","avatar_url":"https://github.com/awslabs.png","language":"JavaScript","funding_links":[],"categories":["JavaScript"],"sub_categories":[],"readme":"\u003ch1 align=\"center\"\u003e\n\u003cimg src=\"images/frontpage.png\"\u003e\u003c/a\u003e\n\u003c/h1\u003e\n\n![](https://github.com/awslabs/aws-multi-account-viewer/workflows/Front-End%20Build/badge.svg)\n![](https://github.com/awslabs/aws-multi-account-viewer/workflows/Back-End%20Build/badge.svg)\n\nServerless app designed for any customer with two or more accounts to view resources/tags across accounts/regions in simple single pane of glass website. It's split into 2 customizable parts:\n\n- Back-End (CloudFormation templates and Python Lambdas)\n- Front-End (React with Amplify)\n\nCurrent working examples are:\n\n- AWS Accounts in Organizations\n- EC2, CLB/ALB/NLB, Lambda, ODCR, Reserved Instances, RDS, EKS, Lightsail\n- IAM Users, Roles, Policy’s\n- VPCs, Subnets\n- S3 Buckets, EBS Volumes\n- Private and Public IP's\n- All Tags\n\n## Demo\n\nDemo website coming this week.\n\n## On this Page\n- [Architecture](#architecture)\n- [Requirements](#Requirements)\n- [Install Overview](#install-overview) \n- [Deploying the Solution](#deploying-the-solution)\n- [Adding New Services](#adding-new-services)\n- [Troubleshooting](#Troubleshooting)\n- [License](#license)\n\n## Architecture\n\n![Architecture](images/AWS-Multi-Account-Overview.png)\n\n## Requirements\n\n- [Python 3.7](https://www.python.org/downloads/)\n- [Node.js 8.10+](https://nodejs.org/en/)\n- [Yarn](https://yarnpkg.com/en/) or [NPM](https://www.npmjs.com/)\n- At least 2 AWS accounts.\n\n## Install Overview\n\nAdministrator account is the account you will use to access all sub accounts and where you will store everything.\nSubAccounts only requires the SubAccountAccess template to be created.\n\n- Clone repo.\n- Run CloudFormation template in your sub accounts (SubAccountAccess.yaml).\n- Run CloudFormation template in your main account (MainTemplate.yaml).\n- Run React App.\n\n## Deploying the Solution\n\n#### Sub Accounts\n\n- Note the Account number for your Administrator Account and put it into the SubAccountAccess template.\n- Edit the __SubAccountAccess.yaml__ with your Administrator Account Number (this account number will be your Administrator account that will have access to view all the sub accounts from)\n![](images/sub-account.png)\n- Save and Run the __SubAccountAccess.yaml__ in all your sub accounts you want to view. (I recommend using [StackSets](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/what-is-cfnstacksets.html) if you have them enabled otherwise manual is fine)\n\n#### Administrator Account\n\n- Create a new S3 bucket to store the lambda zip files\n\n```bash\naws s3 mb s3://your-unique-bucket-name --region ap-southeast-2\n```\n- Package up all the lambdas into one zip file (e.g __functions.zip__): see example below or doco [here](https://docs.aws.amazon.com/lambda/latest/dg/lambda-python-how-to-create-deployment-package.html) \n\n- The only external python modules: boto3\n\n```bash\ncd /aws-multi-account-viewer/Back-End/lambdas\npython3.7 -m venv .venv\nsource .venv/bin/activate\ncd build\npip install -r ../requirements.txt --target .\nzip -r9 ../functions.zip .\ncd ../\nzip -g functions.zip list_table.py receive_sqs_message.py send_sqs_message.py\ndeactivate\n```\n\n- Copy the functions.zip file you just packaged into the s3 bucket you created earlier.\n\n```bash\naws s3 cp functions.zip s3://your-unique-bucket-name\n```\n\n#### CloudFormation Parameters\n\nEveryone's accounts and regions vary so this example is set to the free tier for DynamoDB\nAutoScaling is configured for DynamoDB so it will between the 2 parameters you specifiy.\n\n- Update all the parameters to match your config/accounts/bucket in MainTemplate.yaml\n- Deploy the CloudFormation template in the admin account once you have updated the paramaters\n- Once the CloudFormation has completed copy the details in the outputs:\n    - __ApiGateWayEndPoint__\n    - __UserPoolId__\n    - __userPoolWebClientId__\n\n![](images/cloudformation-outputs.png)\n\n- Paste the outputs into [Front-End/.env](Front-End/.env), or directly into\n[Front-End/src/App.js](Front-End/src/App.js):\n\n\n![](images/cognito.png)\n\n- Create a user account for the Cognito User Pool (sign up is disabled, so users have to be created manually)\n- Cognito \u003e User Pools \u003e {YourStackName} \u003e Users and groups \u003e Create User.\n- Now navigate to Front-End and Install dependencies\n\n```bash\ncd /aws-multi-account-viewer/Front-End/\nyarn\n```\n![](images/yarn-2.png)\n\n- Start React Page\n\n```bash\nyarn start\n```\n![](images/yarn.png)\n\n- You should now see a login page from React\n\n![](images/login-complete.png)\n\n- Log in with the user you created earlier.\n- You now have a local version up and running, you could now safely host as a public s3 bucket. \n(not covered in this project but you can see examples online on how to set it up: [S3-Public-Website](https://docs.aws.amazon.com/AmazonS3/latest/dev/HostingWebsiteOnS3Setup.html))\n- A really good article on setting React up with S3 by Antoine Sauvage: [Here](https://medium.com/ovrsea/deploy-automatically-a-react-app-on-amazon-s3-iam-within-minutes-da6cb0096d55)\n\n\n## Adding New Services\n\nTo add a new services, see example for this git commit:\n\n- Example of adding a new service EKS here [EKS](https://github.com/awslabs/aws-multi-account-viewer/pull/10/files)\n\n\n## Troubleshooting\n\n### No data is being populated on the web site?\n\n- Check SQS to make sure the messages are going through to lambda\n- If there’s lots of messages in the queue then there’s an issue with the lambda or DynamoDB is throttling the requests.\n\n### Site breaks when hosted on s3?\n\n- There's a good guide above on how to host React on S3, most common gotcha is error document:\n![](images/s3-sample.png)\n\n### Lambda Logs Overview?\n\n- You can check all three lambdas logs easy in CloudWatch Insights:\n![](images/sample-insights.png)\n\n### Lambda Logs Error \u0026 Exceptions:\n\nCopy and paste query below to only see Errors \u0026 Exceptions:\n(this example is showing throttle requests on DynamoDB because its set too low):\n\n```bash\nfields @message \n| filter @message like /Error/ or @message like /Exception/\n| limit 50\n```\n![](images/sample-exception.png)\n\n### Tables are empty?\n- Check SQS queue to see what services are failing\n- View CloudWatch Logs above across receive/send lambda's to see where the issue is.\n\n## License Summary\n\nThis sample code is made available under the MIT-0 license. See the LICENSE file.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fawslabs%2Faws-multi-account-viewer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fawslabs%2Faws-multi-account-viewer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fawslabs%2Faws-multi-account-viewer/lists"}