
I am using

aws iam get-user-policy --user-name Bob --policy-name ExamplePolicy

https://docs.aws.amazon.com/cli/latest/reference/iam/get-user-policy.html

to retrieve a policy. I am wondering if there's a way to retrieve multiple users and their inline policies at once.

I'm under the impression that AWS doesn't have a built-in process for this and it will require writing a script.

I am not familiar with bash scripting (I am very new to it) and am more familiar with Python; I am wondering if a simple bash script would be a better solution for this and how to go about this?

Lam

1 Answer

If you are familiar with Python, there is an AWS SDK, boto3. For example, refer to its documentation for IAM:

https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/iam.html

You are right in that the API does not itself support multiple users. You have to loop and call the API for each user, which you can do in either Python or bash.

Also, I don't know why you want to pull policies for multiple users, but if you need an auditing solution to detect unapproved policies, you can consider using AWS Config.

Register Sole
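The per-user loop described in the answer, written with boto3 as an added example (not code from the question or the answer). The function names are hypothetical, and the wildcard check is only one assumed review criterion for the auditing use case the answer mentions.

```python
import json
from urllib.parse import unquote


def collect_inline_user_policies(iam):
    """Return {user_name: {policy_name: policy_document}} for every IAM user."""
    result = {}
    for page in iam.get_paginator("list_users").paginate():
        for user in page["Users"]:
            name = user["UserName"]
            result[name] = {}
            pages = iam.get_paginator("list_user_policies").paginate(UserName=name)
            for policy_page in pages:
                for policy_name in policy_page["PolicyNames"]:
                    resp = iam.get_user_policy(UserName=name, PolicyName=policy_name)
                    doc = resp["PolicyDocument"]
                    if isinstance(doc, str):  # raw API form: URL-encoded JSON
                        doc = json.loads(unquote(doc))
                    result[name][policy_name] = doc
    return result


def as_list(value):
    """IAM allows a single item or a list for Statement/Action/Resource."""
    return value if isinstance(value, list) else [value]


def wildcard_allows(policies):
    """List (user, policy) pairs with an Allow on Action "*" and Resource "*"."""
    hits = []
    for user, docs in policies.items():
        for policy_name, doc in docs.items():
            for stmt in as_list(doc.get("Statement", [])):
                if (stmt.get("Effect") == "Allow"
                        and "*" in as_list(stmt.get("Action", []))
                        and "*" in as_list(stmt.get("Resource", []))):
                    hits.append((user, policy_name))
                    break
    return hits


if __name__ == "__main__":
    import boto3  # needs iam:ListUsers, iam:ListUserPolicies, iam:GetUserPolicy

    policies = collect_inline_user_policies(boto3.client("iam"))
    print(json.dumps(policies, indent=2))
    for user, policy_name in wildcard_allows(policies):
        print(f"REVIEW: {user}/{policy_name} allows * on *")
```

This covers inline user policies only; managed policies attached to a user, and policies inherited through groups, are listed by separate IAM calls.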