Redesign HTML report and add --exclude-defaults option

  UI:
  - Dashboard charts (Top Services, Top Regions), stat cards, and service
    section counts now update dynamically when filters change
  - Align visual style with AWS Console (Cloudscape Design System):
    color palette (#0972d3 blue, #ec7211 orange, #232f3e header),
    flat solid bars, bordered cards, restrained color use
  - Compact Cloudscape-standard spacing: 14px base font, 1.43 line-height,
    10px 12px table cells, 16px card padding, 4px border-radius
  - Tags styled as outlined badges instead of gradient pills
  - Primary buttons use AWS orange, secondary buttons use bordered style
  - Improved mobile layout with 2-column stat grid
  - Default resources now show a "DEFAULT" badge in HTML reports
  - Report subtitle changed to "Comprehensive AWS Asset Discovery"

  --exclude-defaults:
  - Add --exclude-defaults CLI flag to filter out AWS-created default
    resources (default VPCs, subnets, security groups, route tables,
    internet gateways, NACLs, DHCP options)
  - Collectors mark resources with top-level is_default field;
    CLI filters post-collection (same pattern as tag filtering)
  - CSV output includes is_default column

  Bug fix:
  - Add missing aiobotocore dependency to pyproject.toml, fixing
    Lambda collector silently not loading

Author: TarekCheikh

Dockerfile

@@ -2,7 +2,7 @@ FROM python:3.11-slim
 
 LABEL maintainer="Tarek CHEIKH <tarek@tocconsulting.fr>"
 LABEL description="A fast, comprehensive tool for mapping and inventorying AWS resources across 150+ services"
-LABEL version="1.3.0"
+LABEL version="1.4.0"
 
 # Set environment variables
 ENV PYTHONDONTWRITEBYTECODE=1

README.md

@@ -102,6 +102,9 @@ awsmap --list-services
 
 # Show timing per service (useful for debugging)
 awsmap -p myprofile --timings
+
+# Exclude default AWS resources (default VPCs, security groups, etc.)
+awsmap -p myprofile --exclude-defaults
 ```
 
 ## CLI Options
@@ -118,6 +121,7 @@ awsmap -p myprofile --timings
 | `-q, --quiet` | Suppress progress output |
 | `--timings` | Show timing summary per service |
 | `--include-global` | Include global services when filtering by non-global regions |
+| `--exclude-defaults` | Exclude default AWS resources (default VPCs, security groups, etc.) |
 | `--list-services` | List available service collectors |
 
 ## Supported Services
@@ -180,7 +184,7 @@ Interactive report with:
 ```
 
 ### CSV
-Flat format with columns: service, type, id, name, region, arn, tags
+Flat format with columns: service, type, id, name, region, arn, is_default, tags
 
 ## Tag Filtering
 
@@ -308,6 +312,8 @@ This tool only collects **user-owned resources**, excluding:
 - AWS managed domain lists (Route53 Resolver: `AWSManagedDomains*`)
 - Default data lake settings (Lake Formation)
 
+**Default VPC resources** (default VPCs, subnets, security groups, route tables, internet gateways, NACLs, DHCP options) are collected by default and marked with a "DEFAULT" badge in HTML reports. Use `--exclude-defaults` to filter them out.
+
 See [SERVICES.md](SERVICES.md#filtered-resources) for the complete list of filtered resources.
 
 ## Support

pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "awsmap"
-version = "1.3.0"
+version = "1.4.0"
 description = "A fast, comprehensive tool for mapping and inventorying AWS resources across 150+ services and all regions"
 readme = "README.md"
 requires-python = ">=3.8"
@@ -33,6 +33,7 @@ dependencies = [
     "click>=8.0.0",
     "pyyaml>=6.0.0",
     "botocore[crt]>=1.29.0",  # For aws login credential support
+    "aiobotocore>=2.5.0",
 ]
 
 [project.urls]

src/aws_inventory/__init__.py

@@ -2,4 +2,4 @@
 awsmap - Fast, comprehensive AWS resource inventory across 150+ services.
 """
 
-__version__ = '1.3.0'
+__version__ = '1.4.0'

src/aws_inventory/cli.py

@@ -29,6 +29,7 @@ def print_progress(service: str, status: str) -> None:
 @click.option('--quiet', '-q', is_flag=True, help='Suppress progress output')
 @click.option('--timings', is_flag=True, help='Show timing summary per service')
 @click.option('--include-global', is_flag=True, help='Include global services even when filtering by non-global regions')
+@click.option('--exclude-defaults', is_flag=True, help='Exclude default AWS resources (default VPCs, security groups, etc.)')
 def main(
     profile: Optional[str],
     region: tuple,
@@ -40,7 +41,8 @@ def main(
     tag: tuple,
     quiet: bool,
     timings: bool,
-    include_global: bool
+    include_global: bool,
+    exclude_defaults: bool
 ) -> None:
     """
     awsmap - Map and inventory AWS resources.
@@ -172,6 +174,12 @@ def main(
             result['metadata']['resource_count'] = len(filtered_resources)
             result['metadata']['tag_filter'] = tag_filters
 
+    # Exclude default AWS resources
+    if exclude_defaults:
+        result['resources'] = [r for r in result['resources'] if not r.get('is_default')]
+        result['metadata']['resource_count'] = len(result['resources'])
+        result['metadata']['exclude_defaults'] = True
+
     # Summary
     if not quiet:
         click.echo("-" * 40)

src/aws_inventory/collectors/ec2.py

@@ -146,6 +146,7 @@ def collect_ec2_resources(session: boto3.Session, region: Optional[str], account
                     'arn': f"arn:aws:ec2:{region}:{account_id}:security-group/{sg['GroupId']}",
                     'name': sg.get('GroupName') or sg['GroupId'],
                     'region': region,
+                    'is_default': sg.get('GroupName') == 'default',
                     'details': {
                         'vpc_id': sg.get('VpcId'),
                         'description': sg.get('Description'),

src/aws_inventory/collectors/vpc.py

@@ -37,6 +37,7 @@ def collect_vpc_resources(session: boto3.Session, region: Optional[str], account
                     'arn': f"arn:aws:ec2:{region}:{account_id}:vpc/{vpc['VpcId']}",
                     'name': get_tag_value(tags, 'Name') or vpc['VpcId'],
                     'region': region,
+                    'is_default': vpc.get('IsDefault', False),
                     'details': {
                         'cidr_block': vpc.get('CidrBlock'),
                         'state': vpc.get('State'),
@@ -49,6 +50,10 @@ def collect_vpc_resources(session: boto3.Session, region: Optional[str], account
     except Exception:
         pass
 
+    # Build set of default VPC IDs and their DHCP options for marking child resources
+    default_vpc_ids = {r['id'] for r in resources if r.get('is_default')}
+    default_dhcp_ids = {r['details']['dhcp_options_id'] for r in resources if r.get('is_default') and r['details'].get('dhcp_options_id')}
+
     # Subnets
     try:
         paginator = ec2.get_paginator('describe_subnets')
@@ -62,6 +67,7 @@ def collect_vpc_resources(session: boto3.Session, region: Optional[str], account
                     'arn': subnet.get('SubnetArn', f"arn:aws:ec2:{region}:{account_id}:subnet/{subnet['SubnetId']}"),
                     'name': get_tag_value(tags, 'Name') or subnet['SubnetId'],
                     'region': region,
+                    'is_default': subnet.get('DefaultForAz', False),
                     'details': {
                         'vpc_id': subnet.get('VpcId'),
                         'cidr_block': subnet.get('CidrBlock'),
@@ -82,18 +88,20 @@ def collect_vpc_resources(session: boto3.Session, region: Optional[str], account
         for page in paginator.paginate():
             for rt in page.get('RouteTables', []):
                 tags = rt.get('Tags', [])
+                is_main = any(a.get('Main') for a in rt.get('Associations', []))
                 resources.append({
                     'service': 'vpc',
                     'type': 'route-table',
                     'id': rt['RouteTableId'],
                     'arn': f"arn:aws:ec2:{region}:{account_id}:route-table/{rt['RouteTableId']}",
                     'name': get_tag_value(tags, 'Name') or rt['RouteTableId'],
                     'region': region,
+                    'is_default': rt.get('VpcId') in default_vpc_ids and is_main,
                     'details': {
                         'vpc_id': rt.get('VpcId'),
                         'routes_count': len(rt.get('Routes', [])),
                         'associations_count': len(rt.get('Associations', [])),
-                        'main': any(a.get('Main') for a in rt.get('Associations', [])),
+                        'main': is_main,
                     },
                     'tags': tags_to_dict(tags)
                 })
@@ -114,6 +122,7 @@ def collect_vpc_resources(session: boto3.Session, region: Optional[str], account
                     'arn': f"arn:aws:ec2:{region}:{account_id}:internet-gateway/{igw['InternetGatewayId']}",
                     'name': get_tag_value(tags, 'Name') or igw['InternetGatewayId'],
                     'region': region,
+                    'is_default': (attachments[0].get('VpcId') in default_vpc_ids) if attachments else False,
                     'details': {
                         'vpc_id': attachments[0].get('VpcId') if attachments else None,
                         'state': attachments[0].get('State') if attachments else 'detached',
@@ -280,6 +289,7 @@ def collect_vpc_resources(session: boto3.Session, region: Optional[str], account
                 'arn': f"arn:aws:ec2:{region}:{account_id}:dhcp-options/{dhcp['DhcpOptionsId']}",
                 'name': get_tag_value(tags, 'Name') or dhcp['DhcpOptionsId'],
                 'region': region,
+                'is_default': dhcp['DhcpOptionsId'] in default_dhcp_ids,
                 'details': {
                     'configurations': {cfg['Key']: cfg.get('Values', []) for cfg in dhcp.get('DhcpConfigurations', [])},
                 },
@@ -301,6 +311,7 @@ def collect_vpc_resources(session: boto3.Session, region: Optional[str], account
                     'arn': f"arn:aws:ec2:{region}:{account_id}:network-acl/{nacl['NetworkAclId']}",
                     'name': get_tag_value(tags, 'Name') or nacl['NetworkAclId'],
                     'region': region,
+                    'is_default': nacl.get('IsDefault', False),
                     'details': {
                         'vpc_id': nacl.get('VpcId'),
                         'is_default': nacl.get('IsDefault'),