# AWS IDC List User Permissions
List all users and their corresponding permission set within an AWS Identity Center instance. AWS Identity Center is the new name for AWS SSO.
Will iterate through all users, and determine their permission sets (either directly attached to the user, or via a Group).
## Install & Use
$ pip install aws-idc-list-user-permissions
$ aws-idc-list-user-permissions
Ensure that the you run this in the account where AWS Identity Center (previously AWS SSO) is setup, and the in the correct region. You may supply a region and aws profile if you use the non default:
$ aws-idc-list-user-permissions --profile my-org-profile --region us-east-1
## Output
The script outputs two files, a short 5 column CSV, and a long jsonl file.
The jsonl file contains all details about the user, account, permission set, and group (if applicable), in a denormalized jsonl file. This file contains one json document per line, to make discovery easy.
The csv file contains only the 5 columns:
* User Name (this is the user's display name in AWS IDC)
* Account Name (the name of the account in AWS Organizations)
* Permission Set Name (the name of the permission set)
* InheritfromGroup (a column to indicate if the user inherited the permissions from a group or not)
* GroupName (if the user inherited this permission set from a group, this is the name of that group)
## Notes
If an account or permission set exists with no users attached to it, this report will **not** have a item on the list for it. Only permissions sets with account assignments associated with actual users will appear on the list.
Groups with no users as members will **not** appear on the list.
The managed policies and inline policies for each permission set is available in the jsonl file on a per line basis.
Raw data
{
"_id": null,
"home_page": null,
"name": "aws-idc-list-user-permissions",
"maintainer": null,
"docs_url": null,
"requires_python": "<4.0,>=3.9",
"maintainer_email": null,
"keywords": null,
"author": "Keith Rozario",
"author_email": "keithjosephrozario@gmail.com",
"download_url": "https://files.pythonhosted.org/packages/c0/ce/6be164bc7cfea09f4441a7f88e48b302be36adb57b54b4ffdea6c8be25d7/aws_idc_list_user_permissions-0.2.0.tar.gz",
"platform": null,
"description": "# AWS IDC List User Permissions\n\nList all users and their corresponding permission set within an AWS Identity Center instance. AWS Identity Center is the new name for AWS SSO.\n\nWill iterate through all users, and determine their permission sets (either directly attached to the user, or via a Group).\n\n## Install & Use\n\n $ pip install aws-idc-list-user-permissions\n $ aws-idc-list-user-permissions\n\nEnsure that the you run this in the account where AWS Identity Center (previously AWS SSO) is setup, and the in the correct region. You may supply a region and aws profile if you use the non default:\n\n $ aws-idc-list-user-permissions --profile my-org-profile --region us-east-1\n\n## Output\n\nThe script outputs two files, a short 5 column CSV, and a long jsonl file. \n\nThe jsonl file contains all details about the user, account, permission set, and group (if applicable), in a denormalized jsonl file. This file contains one json document per line, to make discovery easy.\n\nThe csv file contains only the 5 columns:\n* User Name (this is the user's display name in AWS IDC)\n* Account Name (the name of the account in AWS Organizations)\n* Permission Set Name (the name of the permission set)\n* InheritfromGroup (a column to indicate if the user inherited the permissions from a group or not)\n* GroupName (if the user inherited this permission set from a group, this is the name of that group)\n\n## Notes\n\nIf an account or permission set exists with no users attached to it, this report will **not** have a item on the list for it. Only permissions sets with account assignments associated with actual users will appear on the list.\n\nGroups with no users as members will **not** appear on the list.\n\nThe managed policies and inline policies for each permission set is available in the jsonl file on a per line basis.",
"bugtrack_url": null,
"license": null,
"summary": null,
"version": "0.2.0",
"project_urls": null,
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "bdea34aab818a11f5fe682f0c2a0fb1d52f6fad4cf8d5759b871ac38355737d6",
"md5": "6cdad617535f2b010c119a43decaf6ac",
"sha256": "6dce30263d9f87a3182763b16a3e6d224940f869340098ceb50e5218f326d3c5"
},
"downloads": -1,
"filename": "aws_idc_list_user_permissions-0.2.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "6cdad617535f2b010c119a43decaf6ac",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": "<4.0,>=3.9",
"size": 6652,
"upload_time": "2024-04-29T01:36:58",
"upload_time_iso_8601": "2024-04-29T01:36:58.506845Z",
"url": "https://files.pythonhosted.org/packages/bd/ea/34aab818a11f5fe682f0c2a0fb1d52f6fad4cf8d5759b871ac38355737d6/aws_idc_list_user_permissions-0.2.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "c0ce6be164bc7cfea09f4441a7f88e48b302be36adb57b54b4ffdea6c8be25d7",
"md5": "2d523620dd75c54f6746eeb67df9de42",
"sha256": "1c6da65fc6a46f18b346f996d45952eb6fb93040e8cdd9a156367e9e26b7e2a2"
},
"downloads": -1,
"filename": "aws_idc_list_user_permissions-0.2.0.tar.gz",
"has_sig": false,
"md5_digest": "2d523620dd75c54f6746eeb67df9de42",
"packagetype": "sdist",
"python_version": "source",
"requires_python": "<4.0,>=3.9",
"size": 4824,
"upload_time": "2024-04-29T01:36:59",
"upload_time_iso_8601": "2024-04-29T01:36:59.827243Z",
"url": "https://files.pythonhosted.org/packages/c0/ce/6be164bc7cfea09f4441a7f88e48b302be36adb57b54b4ffdea6c8be25d7/aws_idc_list_user_permissions-0.2.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-04-29 01:36:59",
"github": false,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"lcname": "aws-idc-list-user-permissions"
}
JSON