Amazon Web Services (AWS) - List IAM User Policies using the AWS CLI


This assumes you have already configured the aws command line tool. If not, check out my article on Getting Started with the AWS CLI.

The aws iam list-users command can be used to list the IAM users that have been created.

~]$ aws iam list-users
{
    "Users": [
        {
            "Path": "/",
            "UserName": "john.doe",
            "UserId": "AIDAABCDL76GLUA6B21234",
            "Arn": "arn:aws:iam::123456789012:user/john.doe",
            "CreateDate": "2022-09-13T11:13:03+00:00"
        }
    ]
}

 

  • The aws iam list-user-policies command lists the policies that are embedded in a user (inline policies). These are NOT managed policies that can be attached to two or more user accounts. Instead, an embedded policy is associated only with the specified user.
  • The aws iam list-attached-user-policies command lists the managed policies that have been attached to a user.
  • The aws iam list-attached-role-policies command lists the managed policies that have been attached to a role.

In this example, the AdministratorAccess policy is attached to user john.doe.

~]$ aws iam list-attached-user-policies --user-name john.doe
{
    "AttachedPolicies": [
        {
            "PolicyName": "AdministratorAccess",
            "PolicyArn": "arn:aws:iam::aws:policy/AdministratorAccess"
        }
    ]
}

 

In this example, user velero has an embedded policy named velero-s3.

~]$ aws iam list-user-policies --user-name velero
{
    "PolicyNames": [
        "velero-s3"
    ]
}
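
Neither command alone shows every policy on a user, so a review has to run both for each user. The following Python sketch is an added example, not part of the original article: it combines list-users, list-attached-user-policies and list-user-policies into one inventory and flags AdministratorAccess attachments and embedded policies. The helper names and the SAMPLE data are assumptions made for illustration.

```python
import json
import subprocess

ADMIN_ARN = "arn:aws:iam::aws:policy/AdministratorAccess"

# Constructed responses, modelled on the command outputs shown in this article.
SAMPLE = {
    ("list-users",): {"Users": [{"UserName": "john.doe"}, {"UserName": "velero"}]},
    ("list-attached-user-policies", "--user-name", "john.doe"): {
        "AttachedPolicies": [{"PolicyName": "AdministratorAccess", "PolicyArn": ADMIN_ARN}]},
    ("list-user-policies", "--user-name", "john.doe"): {"PolicyNames": []},
    ("list-attached-user-policies", "--user-name", "velero"): {"AttachedPolicies": []},
    ("list-user-policies", "--user-name", "velero"): {"PolicyNames": ["velero-s3"]},
}

def aws_iam(*args):
    """Run `aws iam <args> --output json` with the configured CLI and parse the reply."""
    cmd = ["aws", "iam", *args, "--output", "json"]
    done = subprocess.run(cmd, check=True, capture_output=True, text=True)
    return json.loads(done.stdout)

def sample_iam(*args):
    """Offline stand-in for aws_iam (hypothetical helper) that serves SAMPLE."""
    return SAMPLE[args]

def inventory(run=aws_iam):
    """Return {user: {"managed": [policy ARNs], "inline": [policy names]}}."""
    report = {}
    for user in run("list-users")["Users"]:
        name = user["UserName"]
        attached = run("list-attached-user-policies", "--user-name", name)
        inline = run("list-user-policies", "--user-name", name)
        report[name] = {
            "managed": sorted(p["PolicyArn"] for p in attached["AttachedPolicies"]),
            "inline": sorted(inline["PolicyNames"]),
        }
    return report

def findings(report):
    """Flag full-admin attachments and inline policies, which are easy to overlook."""
    out = []
    for name, policies in sorted(report.items()):
        if ADMIN_ARN in policies["managed"]:
            out.append((name, "AdministratorAccess attached"))
        out.extend((name, f"inline policy {p}") for p in policies["inline"])
    return out

if __name__ == "__main__":
    # Uses the constructed SAMPLE; call inventory() with no argument to query AWS.
    for user, finding in findings(inventory(run=sample_iam)):
        print(f"{user}: {finding}")
```

Permissions a user inherits through group membership are not returned by either command, so this inventory covers only policies placed directly on the user.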

 



