Created
October 5, 2013 11:23
-
-
Save thomaswitt/6839685 to your computer and use it in GitHub Desktop.
List all AWS IAM Users of an account
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env ruby | |
| require 'rubygems' | |
| require 'aws-sdk' | |
| require 'highline/import' | |
| def get_aws_account_data(iam) | |
| begin | |
| iam = iam.client.get_user | |
| id, user = iam[:user][:arn].match('^arn:aws:iam::([0-9]{12}):(.*)$').captures | |
| rescue AWS::IAM::Errors::AccessDenied | |
| result = $! | |
| id, user = result.to_s.match('^User: arn:aws:iam::([0-9]{12}):(.*) is not auth.*$').captures | |
| end | |
| raise 'incorrect account id' unless id.match(/^[0-9]{12}$/) | |
| [id, user] | |
| end | |
| access_key_id = ARGV[0].nil? ? ask("AWS Access Key ID: ") : ARGV[0] | |
| secret_access_key = ARGV[1].nil? ? ask("AWS Secret Access Key: ") { |q| q.echo = false } : ARGV[1] | |
| iam = AWS::IAM.new(:access_key_id => access_key_id, | |
| :secret_access_key => secret_access_key) | |
| acc = get_aws_account_data(iam) | |
| sum = iam.account_summary | |
| puts "*** Listing #{sum[:users]} users for AWS Acc ID #{acc[0]} (as #{acc[1]})" | |
| iam.users.each do |user| | |
| puts "\n#{user.path}#{user.name} (#{user.arn})" | |
| user.access_keys.each do |key| | |
| puts "- Access Key ID: #{key.id} (#{key.status})" | |
| end | |
| end | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment