
@cktricky
Created November 3, 2016 01:38
List User Policies in AWS
import boto3
from itertools import chain
import csv
'''
Goal)
Create a matrix (CSV, intended to be opened as a spreadsheet in Excel) with one row per user that:
*** Lists each policy (Managed and Inline) attached to the user.
*** Lists each group the user belongs to on the same row (important because groups carry separate permissions of their own).
'''
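# Credentials are resolved by boto3's default provider chain (environment
# variables, the shared credentials/config files, or an attached role)
# instead of being typed into this file. Long-lived access keys pasted into
# a script tend to end up in version control, gists and backups.
# The calls made by this script are read-only: the identity running it needs
# iam:GetAccountAuthorizationDetails and iam:ListUsers, nothing more.
client = boto3.client('iam', region_name='us-east-1')

# NOTE(review): `users` and `policy_names` are not read anywhere in the
# visible script, and list_users() is a single call whose result may be
# truncated. The report itself is built from
# get_account_authorization_details(), not from this list.
client_list = client.list_users()
users = client_list['Users']
policy_names = []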
def get_auth(marker=None):
    """Fetch one page of account authorization details, limited to users.

    Args:
        marker: Pagination token taken from a previous truncated response.
            When None, the first page is requested.

    Returns:
        The response of ``client.get_account_authorization_details``; the
        rest of the script reads its 'UserDetailList', 'IsTruncated' and
        'Marker' keys.
    """
    request_args = {'Filter': ['User']}
    # Marker is only sent when the caller supplied one.
    if marker is not None:
        request_args['Marker'] = marker
    return client.get_account_authorization_details(**request_args)
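# Collect every page returned by get_auth() into list_of_ga.
# A truncated response carries the Marker for the *next* page, so the marker
# must come from the response just received. Reusing the first page's marker
# requests the second page over and over: the loop never ends on accounts
# with more than two pages, and users on later pages never reach the report.
ga = get_auth()
list_of_ga = [ga]
marker = []
if ga['IsTruncated'] is True:
    marker.append(ga['Marker'])
while len(marker) > 0:
    # pop() consumes the pending marker and hands it to the next request.
    g_auth = get_auth(marker.pop())
    list_of_ga.append(g_auth)
    if g_auth['IsTruncated'] is True:
        marker.append(g_auth['Marker'])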
user_detail_list = []

# Write one CSV row per IAM user found in the collected pages.
# names.csv maps every user to their policies and groups, so treat the file
# as sensitive (restrict who can read it, do not commit it).
# NOTE(review): UserName is written verbatim. IAM user names may start with
# '=', '+', '-' or '@', which spreadsheet applications read as the start of
# a formula. Confirm whether such cells should be neutralised before the
# file is opened in Excel.
with open('names.csv', 'w') as csvfile:
    writer = csv.DictWriter(
        csvfile,
        fieldnames=['UserName', 'Inline Policies', 'Managed Policies', 'Group List'],
    )
    writer.writeheader()
    for page in list_of_ga:
        for user_detail in page['UserDetailList']:
            # The policy and group values are lists from the API response;
            # the csv writer stores them in their Python string form.
            row = {
                'UserName': user_detail['UserName'],
                # 'Blank' marks a user entry with no 'UserPolicyList' key.
                'Inline Policies': user_detail.get('UserPolicyList', 'Blank'),
                'Managed Policies': user_detail['AttachedManagedPolicies'],
                'Group List': user_detail['GroupList'],
            }
            writer.writerow(row)