@JamesJJ
Created May 24, 2018 10:37
Deleting_AWS_IAM_User_with_CLI_is_not_so_simple!
#!/bin/bash
# Delete an IAM user after removing the items that block "aws iam delete-user".
# Not handled here: SSH public keys and service-specific credentials. If the
# user has any, delete-user fails until they are removed.
U="$1"
[ -z "$U" ] && exit 1
# jq is required to parse the CLI's JSON output
command -v jq &> /dev/null || exit 2
echo "== $U"
# Nothing to do if the user does not exist
aws iam get-user --user-name "$U" || exit 0
# Signing certificates (each list command is repeated afterwards to show what remains)
aws iam list-signing-certificates --user-name "$U" \
| jq -r ".Certificates[].CertificateId" \
| xargs -I YY aws iam delete-signing-certificate --user-name "$U" --certificate-id "YY"
aws iam list-signing-certificates --user-name "$U"
# Access keys
aws iam list-access-keys --user-name "$U" \
| jq -r ".AccessKeyMetadata[].AccessKeyId" \
| xargs -I YY aws iam delete-access-key --user-name "$U" --access-key-id YY
aws iam list-access-keys --user-name "$U"
# Console password (prints an error and continues if the user has none)
aws iam delete-login-profile --user-name "$U"
# MFA devices (deactivated only; a virtual MFA device object is not deleted)
aws iam list-mfa-devices --user-name "$U" \
| jq -r ".MFADevices[].SerialNumber" \
| xargs -I YY aws iam deactivate-mfa-device --user-name "$U" --serial-number YY
aws iam list-mfa-devices --user-name "$U"
# Attached managed policies
aws iam list-attached-user-policies --user-name "$U" \
| jq -r ".AttachedPolicies[].PolicyArn" \
| xargs -I YY aws iam detach-user-policy --user-name "$U" --policy-arn YY
aws iam list-attached-user-policies --user-name "$U"
# Inline policies
aws iam list-user-policies --user-name "$U" \
| jq -r ".PolicyNames[]" \
| xargs -I YY aws iam delete-user-policy --user-name "$U" --policy-name YY
aws iam list-user-policies --user-name "$U"
# Group memberships
aws iam list-groups-for-user --user-name "$U" \
| jq -r ".Groups[].GroupName" \
| xargs -I YY aws iam remove-user-from-group --user-name "$U" --group-name YY
aws iam list-groups-for-user --user-name "$U"
# Short pause, then delete the user itself
sleep 1
aws iam delete-user --user-name "$U"
# Always exit 0, even if delete-user failed
true