Shell Script Guide for AWS Resource Tracking

Sdeep

Introduction

In real-world DevOps environments, keeping track of AWS resources is essential for efficient cloud management. The AWS Resource Tracker script is a widely used tool that provides a comprehensive overview of AWS resources within an environment.

This script helps organizations monitor and manage their AWS infrastructure effectively by collecting key details about various services. Using the AWS Command Line Interface (CLI), it retrieves information about S3 buckets, EC2 instances, Lambda functions, and IAM users, offering valuable insights for auditing, inventory tracking, cost optimization, and security compliance.

Key Features

The AWS Resource Tracker script enables users to:

  • List all S3 buckets and their configurations.

  • Retrieve details of EC2 instances, including instance type, state, and tags.

  • Extract information about Lambda functions, such as runtime, memory allocation, and execution role.

  • Fetch IAM user data, including permissions and access policies.

By running this script, teams can maintain better visibility over their AWS resources, ensuring efficient resource utilization and adherence to security best practices.

This tool is particularly useful for auditing, cost management, and security assessments, helping organizations maintain a well-optimized and secure cloud infrastructure.


Setting Up the AWS Resource Tracker Project

Step 1: Launching an EC2 Instance

To begin deploying the AWS Resource Tracker, you’ll first need to set up an Amazon EC2 instance, which will serve as the execution environment for the script. Follow these steps:

Accessing the EC2 Dashboard

  1. Log in to your AWS Management Console using your credentials.

  2. Navigate to the EC2 service using one of these methods:

    • Search Bar Method: Type "EC2" in the AWS search bar at the top and select EC2 from the results.

    • Services Menu Method: Click on the "Services" dropdown located at the top-left corner of the dashboard, then select "Compute" > "EC2".

Once you're on the EC2 Dashboard, you can proceed with launching a new instance to host the resource tracking script.

Step 2: Instance Setup and Launch

After accessing the EC2 Dashboard, follow these steps to properly configure your virtual server:

1. Naming Your Instance

  • In the "Name and tags" section, enter a descriptive name for your instance (e.g., "AWS-Resource-Tracker")

2. Selecting the Operating System

  • Under "Application and OS Images", choose:

    • Quick Start tab

    • Ubuntu (recommended version, typically 22.04 LTS)

3. Setting Up Secure Access

  • In the "Key pair (login)" section:

    • Select an existing key pair from the dropdown OR

    • Click "Create new key pair" to generate a fresh SSH key

    • Ensure you download and securely store the .pem file

4. Confirming Instance Specifications

  • Keep the default t2.micro instance type (eligible for AWS Free Tier)

  • All other settings can remain at their default values for initial setup

5. Finalizing the Launch

  • Click the orange "Launch Instance" button at bottom right

  • You'll see a confirmation page with a "View all instances" button

6. Verifying Instance Status

  • After clicking to view instances, you'll see:

    • Your new EC2 instance in the dashboard

    • Status checks progressing from "Pending" to "Running"

    • A green status indicator confirming successful launch

This Ubuntu-based t2.micro instance now serves as your foundation for running the AWS Resource Tracker script while staying within Free Tier limits.

Step 3: Retrieving Connection Details

1. Locating Your Running Instance

  • Return to your EC2 Dashboard in the AWS Management Console

  • In the Instances section, identify your newly created instance

  • Verify the Instance State shows "Running" (green status indicator)

2. Accessing Instance Details

  • Click directly on the Instance ID (e.g., i-0123456789abcdef0)

  • This opens the detailed Instance Summary panel

3. Copying Connection Information

  • Copy the value shown in the Public IPv4 address field (under the Networking tab)

4. Preparing for Remote Access

  • Keep this information readily available for:

    • SSH connections (using your downloaded .pem key)

    • Future script deployments

    • Security group configurations

Important Note: This public IP is your instance's internet address and will change if the instance is stopped/restarted. For permanent addressing, consider allocating an Elastic IP.

Step 4: Accessing the Instance via SSH

1. Open Your Terminal

  • Launch your preferred terminal application (Command Prompt, PowerShell, or Terminal on macOS/Linux).

2. Navigate to Your Key Pair Directory (If Needed)

  • If your terminal doesn't automatically open in the correct folder, run:

      cd /path/to/your/key-pair
    
    • Example (if your .pem file is in Downloads):

        cd ~/Downloads
      

3. Execute the SSH Command

  • Run the following command, replacing:

    • /path/to/your-key.pem → Your actual .pem file location

    • your_instance_ip → The public IP you copied earlier

    ssh -i /path/to/your-key.pem ubuntu@your_instance_ip

Example:

    ssh -i ~/Downloads/my-key-pair.pem ubuntu@54.210.167.204

4. Authenticate the Connection

  • If prompted with "Are you sure you want to continue connecting (yes/no)?", type yes and press Enter.

  • A successful login will display the Ubuntu prompt:

      ubuntu@ip-xxx-xxx-xxx-xxx:~$
    

Step 5: Install and set up AWS CLI

  • Install and set up AWS CLI with access credentials and default settings for interacting with AWS services from the command line:

      sudo apt-get update
      sudo apt install awscli -y
      aws configure

  • Install the JSON utility jq to print JSON data in a more readable format:

      sudo apt install jq -y

Step 6: Create a shell script file aws_resource_tracker.sh as below

#!/bin/bash
########################
# Author: Sdeep
# Date: 9th May
# version: v1
# This script will report the AWS resource usage
#######################

set -x # It will put your script in debug mode, showing the executed commands as output.

# AWS resources to track
# AWS S3
# AWS EC2
# AWS Lambda
# AWS IAM Users

# Lists S3 buckets, listing all user-owned buckets
echo "Listing S3 buckets"
aws s3 ls > S3resourceTracker # Redirecting output to a file S3resourceTracker

# Lists EC2 instances available in my account, including running, stopped, and terminated instances
echo "Listing EC2 instances"
#aws ec2 describe-instances
aws ec2 describe-instances | jq '.Reservations[].Instances[].InstanceId' > EC2resourceTracker # Redirecting output to a file EC2resourceTracker, it will give any number of instance IDs which are available

# Lists Lambda functions, displaying a list of all functions for the current user
echo "Listing Lambda Functions"
aws lambda list-functions > LambdaResourceTracker # Redirecting output to a file LambdaResourceTracker

# Lists the IAM users in the current account
echo "Listing IAM Users"
aws iam list-users > IAMUserResourceTracker  # Redirecting output to a file IAMUserResourceTracker

Step 7: Make the shell script file aws_resource_tracker.sh executable

sudo chmod +x aws_resource_tracker.sh

Step 8: Run the script

Here I did a dry run to check whether the output is in the desired format:

ubuntu@ip-172-31-80-12:~$ ls
aws_resource_tracker.sh
ubuntu@ip-172-31-80-12:~$ ./aws_resource_tracker.sh
+ echo 'Listing S3 buckets'
Listing S3 buckets
+ aws s3 ls
+ echo 'Listing EC2 instances'
Listing EC2 instances
+ jq '.Reservations[].Instances[].InstanceId'
+ aws ec2 describe-instances
+ echo 'Listing Lambda Functions'
Listing Lambda Functions
+ aws lambda list-functions
+ echo 'Listing IAM Users'
Listing IAM Users
+ aws iam list-users
ubuntu@ip-172-31-80-12:~$

Step 9: List the files in the current working directory

ubuntu@ip-172-31-80-12:~$ ls
EC2resourceTracker  IAMUserResourceTracker  LambdaResourceTracker  S3resourceTracker  aws_resource_tracker.sh

Step 10: Validation

That’s it. You will find Resource Tracker files for EC2 instances (including running, stopped, and terminated instances), IAM users, Lambda functions, and S3 buckets generated by the shell script. View the files using the cat command as below.

cat EC2resourceTracker S3resourceTracker
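
Because `>` truncates the target before the command runs, an expired credential or API error in the script above leaves an empty tracker file that reads like an account with no resources. The added example below (not the author's code) writes each listing to a temporary file and replaces the tracker file only on success; `collect`, `run_tracker`, `OUT_DIR` and the `--run` switch are hypothetical names, and the AWS CLI's built-in `--query` is swapped in for the jq filter.

```bash
#!/bin/bash
# Added example, not the author's script. Same four listings as above, but a
# failed AWS call keeps the previous tracker file instead of emptying it.
# All four calls are list/describe operations, so read-only credentials suffice.
umask 077    # owner-only files: the output names IAM users and Lambda roles
OUT_DIR=${OUT_DIR:-$HOME/aws-resource-tracker}    # assumed output location

# collect NAME CMD...
# Runs CMD with stdout in a temp file and renames it to $OUT_DIR/NAME only
# when CMD exits 0, so readers never see a truncated or half-written file.
collect() {
    name=$1
    shift
    tmp=$(mktemp "$OUT_DIR/.$name.XXXXXX") || return 1
    if "$@" > "$tmp"; then
        mv "$tmp" "$OUT_DIR/$name"
    else
        rc=$?
        rm -f "$tmp"
        echo "collect: $name failed (exit $rc), previous file kept" >&2
        return 1
    fi
}

# Runs every listing even if an earlier one fails; returns 1 if any failed.
run_tracker() {
    mkdir -p "$OUT_DIR" || return 1
    failed=0
    collect S3resourceTracker aws s3 ls || failed=1
    # --query/--output are built into the AWS CLI; this form prints one ID per line
    collect EC2resourceTracker aws ec2 describe-instances \
        --query 'Reservations[].Instances[].[InstanceId]' --output text || failed=1
    collect LambdaResourceTracker aws lambda list-functions || failed=1
    collect IAMUserResourceTracker aws iam list-users || failed=1
    return "$failed"
}

# Hypothetical --run switch: without it the file only defines the functions.
if [ "${1:-}" = "--run" ]; then
    run_tracker
fi
```

The non-zero exit status from `run_tracker` lets cron or a wrapper alert on a failed collection instead of silently storing empty files.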

Automate Using CRON JOB:

We can schedule this script to run at a particular time every day using a cron job.

  • Step 1: Creating a Cron Job

Create a cron job using the crontab command.

  • Step 2: Scheduling a Cron Job

I have scheduled the job to run at 9 AM every day by adding the cron entry below:

0 9 * * * /home/ubuntu/aws_resource_tracker.sh

As evident from the script above, the output of the cron job is saved in the resourceTracker files.
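
Each scheduled run overwrites the tracker files, so the previous day's state is lost. As an added example (not part of the original script), the function below keeps the last copy of a tracker file and reports entries that appeared or disappeared since the previous run; `track_drift`, the history directory and the sample instance IDs are constructed for illustration.

```bash
#!/bin/bash
# Added example, not part of the original script.
# Run after aws_resource_tracker.sh to keep the previous run and report drift.
umask 077    # owner-only: tracker files list IAM users and Lambda configuration

# track_drift TRACKER_FILE HISTORY_DIR
# Compares TRACKER_FILE with the copy saved by the previous call, prints one
# "ADDED <line>" or "REMOVED <line>" per changed entry, then saves the current
# file as the new baseline.
track_drift() {
    current=$1
    history_dir=$2
    baseline="$history_dir/$(basename "$current").prev"
    mkdir -p "$history_dir" || return 2

    if [ ! -f "$baseline" ]; then
        echo "BASELINE $(basename "$current")"
    else
        work=$(mktemp -d) || return 2
        # comm requires sorted input; -u also drops duplicate lines
        sort -u "$baseline" > "$work/old"
        sort -u "$current" > "$work/new"
        comm -13 "$work/old" "$work/new" | sed 's/^/ADDED /'
        comm -23 "$work/old" "$work/new" | sed 's/^/REMOVED /'
        rm -rf "$work"
    fi
    cp "$current" "$baseline"
}

# Constructed sample: two runs of the EC2 tracker, one instance ID per line in
# the quoted form that the jq filter in the script emits.
demo_drift() {
    dir=$(mktemp -d) || return 2
    printf '%s\n' '"i-0aaaaaaaaaaaaaaa1"' '"i-0bbbbbbbbbbbbbbb2"' > "$dir/EC2resourceTracker"
    track_drift "$dir/EC2resourceTracker" "$dir/history"    # first run: baseline only
    printf '%s\n' '"i-0bbbbbbbbbbbbbbb2"' '"i-0ccccccccccccccc3"' > "$dir/EC2resourceTracker"
    track_drift "$dir/EC2resourceTracker" "$dir/history"    # second run: reports drift
    rm -rf "$dir"
}

demo_drift
```

The comparison is line-based, so it reads most cleanly on the EC2 and S3 files; the Lambda and IAM files are multi-line JSON and produce noisier output.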


Practical Applications of the Script

1. Continuous Monitoring & Compliance Auditing

  • Enables scheduled tracking of AWS assets via cron jobs

  • Provides snapshots of critical resources including:

    • S3 bucket configurations

    • EC2 instance states

    • Lambda function versions

    • IAM user permissions

  • Facilitates compliance reporting for security standards

2. Comprehensive Cloud Inventory Management

  • Maintains a dynamic catalog of AWS infrastructure

  • Tracks resource metadata including:

    • Creation timestamps

    • Resource tags

    • Configuration details

  • Helps identify orphaned or underutilized assets

3. Rapid Incident Investigation

  • Accelerates troubleshooting with instant resource visibility

  • Enables quick retrieval of:

    • Instance IDs for failed EC2 systems

    • Lambda execution role details

    • IAM policy assignments

  • Reduces mean-time-to-resolution for operational issues

4. Automated Reporting & Cost Optimization

  • Generates periodic utilization reports for:

    • Cost allocation analysis

    • Right-sizing opportunities

    • Budget forecasting

  • Integrates with CI/CD pipelines for operational analytics

5. Enterprise-Grade Scalability

  • Eliminates manual resource tracking in complex environments

  • Processes hundreds of resources consistently

  • Reduces human error in infrastructure documentation

Project Resources

Implementation Notes

This project represents practical implementation of AWS monitoring concepts. As environments vary, you may need to adjust configurations for your specific setup. For troubleshooting assistance, please open an issue in the GitHub repository.

Acknowledgments
Developed through hands-on exploration of AWS services and shell scripting techniques. Contributions and feedback are welcome to enhance functionality.
