Skip to content

Instantly share code, notes, and snippets.

@aaronmelton
Created February 19, 2018 14:57
Show Gist options
  • Save aaronmelton/5198a69f077aa6e1ff1d624f2b78b509 to your computer and use it in GitHub Desktop.
Save aaronmelton/5198a69f077aa6e1ff1d624f2b78b509 to your computer and use it in GitHub Desktop.
#!/bin/bash
#
# author = "Aaron Melton <aaron@aaronmelton.com>"
# date = "2017-08-30"
# description = "Get IAM Users"
# name = "get_iam_users.sh"
# version = "v0.0.1"
#
# REQUIREMENTS:
# 1. Install AWS Command Line Interface: https://aws.amazon.com/cli/
# 2. If your account is using Multi-Factor Authentication (MFA), you will need
# to create a temporary token to permit AWS CLI access:
# https://aws.amazon.com/premiumsupport/knowledge-center/authenticate-mfa-cli/
#
# LIMITATIONS:
# 1. Your IAM permissions should allow access to the AWS Service you are
# attempting to access with this script
# 2. This script will only pull the EC2 instances for the region you specify
# below. Uncomment the region you want.
# 3. Attempting to include options which may have multiple values (such as
# Security Groups) will break the CSV conversion because multiple items are
# returned as an array and breaks the tab-to-comma conversion.
#
# SELECT AMAZON REGION:
# Code Name
#regionCode="us-east-1" #US East (N. Virginia)
#regionCode="us-east-2" #US East (Ohio)
#regionCode="us-west-1" #US West (N. California)
#regionCode="us-west-2" #US West (Oregon)*
#regionCode="ca-central-1" #Canada (Central)
regionCode="eu-west-1" #EU (Ireland)*
#regionCode="eu-central-1" #EU (Frankfurt)*
#regionCode="eu-west-2" #EU (London)
#regionCode="ap-southeast-1" #Asia Pacific (Singapore)*
#regionCode="ap-southeast-2" #Asia Pacific (Sydney)
#regionCode="ap-northeast-2" #Asia Pacific (Seoul)
#regionCode="ap-northeast-1" #Asia Pacific (Tokyo)
#regionCode="ap-south-1" #Asia Pacific (Mumbai)
#regionCode="sa-east-1" #South America (São Paulo)
# AWS CLI output does not provide column headers, so we will add these to our
# our file before writing to it. This echo statement will append the date to
# the filename in ISO-8601 format. If you change the AWS CLI query, you will
# need to manually update this line to add/remove headers to the columns.
echo ",User ARN,Creation Time,Last Login,Path,UID,Username" > iam_list-users_$(echo $regionCode)_$(date --iso-8601).tsv
# Use 'ec2 describe-instances' to obtain a table of EC2 instances within your
# configured region. Output as text. Limit results to the query. Append
# output to a tab separated file (default output for a --query).
aws iam --region $regionCode list-users --output text >> iam_list-users_$(echo $regionCode)_$(date --iso-8601).tsv
# Use sed to replace the tabs with commas (effectively creating a CSV file)
sed 's/\t/,/g' iam_list-users_$(echo $regionCode)_$(date --iso-8601).tsv > iam_list-users_$(echo $regionCode)_$(date --iso-8601).csv
# Remove old tab separated file
rm -rf iam_list-users_$(echo $regionCode)_$(date --iso-8601).tsv
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment