feat(aws): Add interactive region selection for discovery#39
Open
JuanKRuiz wants to merge 1 commit intoGoogleCloudPlatform:masterfrom
Open
feat(aws): Add interactive region selection for discovery#39JuanKRuiz wants to merge 1 commit intoGoogleCloudPlatform:masterfrom
JuanKRuiz wants to merge 1 commit intoGoogleCloudPlatform:masterfrom
Conversation
This change introduces an interactive prompt that allows the user to specify a single AWS region to scan, improving usability in restricted environments. Prior to this change, the script attempted to scan all AWS regions by default. This caused errors in accounts where Service Control Policies (SCPs) block access to unused regions, halting execution. Now, the script: - Displays a banner and prompts the user to enter an AWS region. - If a valid region is specified, the scan is limited to only that region. - If no region is entered, the script maintains the previous behavior and scans all available regions. This makes the tool more flexible and robust for operating in AWS environments with strict security policies.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
This pull request introduces a critical usability enhancement by allowing the user to specify a single AWS region for the inventory scan.
1. The Problem (The Why)
The script's default behavior of iterating through all available AWS regions causes execution failures in corporate environments where Service Control Policies (SCPs) are enforced. When an SCP denies access to a non-enabled region—a common security and governance best practice—the script terminates abruptly with an UnauthorizedOperation error or similar. This completely blocks the tool's utility for users operating within these policy-restricted accounts.
2. The Solution (The How)
To address this blocker, an interactive workflow has been implemented at the script's startup:
3. The Impact & Benefits (The Value)