import boto3
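def list_user_policies(iam_client, user_name):
    """Return the names of all inline policies embedded in an IAM user.

    ListUserPolicies returns results in pages. This follows the
    ``IsTruncated`` / ``Marker`` fields until the listing is complete, so
    a review does not silently stop after the first page.

    Scope caveat: this API covers inline policies only. Managed policies
    attached to the user and policies inherited through group membership
    are not part of this listing, so the result is not the user's full
    set of permissions.

    Args:
        iam_client: IAM client object exposing ``list_user_policies``.
        user_name: Name of the IAM user to inspect.

    Returns:
        A list of policy names. If any call fails, the error is printed
        and an empty list is returned, so an empty result does not
        distinguish "no inline policies" from "listing failed" (for
        example, access denied).
    """
    policy_names = []
    request = {'UserName': user_name}
    try:
        while True:
            response = iam_client.list_user_policies(**request)
            policy_names.extend(response['PolicyNames'])
            if not response.get('IsTruncated'):
                break
            # Continue from where the previous page stopped.
            request['Marker'] = response['Marker']
    except Exception as e:
        # Best-effort: report and fall back to an empty result rather than
        # returning a partial listing that looks complete.
        print(f"Error listing policies for user {user_name}: {e}")
        return []
    return policy_names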
def get_user_policy(iam_client, user_name, policy_name):
    """Fetch the document of one inline policy embedded in an IAM user.

    Args:
        iam_client: IAM client object exposing ``get_user_policy``.
        user_name: Name of the IAM user that owns the policy.
        policy_name: Name of the inline policy to retrieve.

    Returns:
        The ``PolicyDocument`` value from the response, or ``None`` when
        the call or the lookup raises. The error is printed in that case.
    """
    policy_document = None
    try:
        # The key lookup stays inside the try so that a response without
        # 'PolicyDocument' is reported the same way as a failed call.
        policy_document = iam_client.get_user_policy(
            UserName=user_name,
            PolicyName=policy_name,
        )['PolicyDocument']
    except Exception as e:
        print(f"Error getting policy {policy_name} for user {user_name}: {e}")
    return policy_document
def enumerate_iam_policies(profile_name, user_name):
    """Print the name and document of each inline policy of an IAM user.

    Args:
        profile_name: Name of the local AWS profile used to build the
            boto3 session.
        user_name: Name of the IAM user to inspect.

    Returns:
        None. Results are written to standard output.
    """
    # Build the IAM client from the named profile's credentials.
    iam_client = boto3.Session(profile_name=profile_name).client('iam')

    policy_names = list_user_policies(iam_client, user_name)
    if len(policy_names) == 0:
        # list_user_policies also returns an empty list when the listing
        # call fails, so this message can follow an error line and does not
        # by itself prove the user has no inline policies.
        print(f"No policies found for user {user_name}")
        return

    for policy_name in policy_names:
        policy_document = get_user_policy(iam_client, user_name, policy_name)
        if not policy_document:
            # The fetch failed (already reported) or returned an empty
            # document. Nothing to show for this policy.
            continue
        print(f"Policy Name: {policy_name}")
        print(f"Policy Document: {policy_document}\n")
if __name__ == "__main__":
    # Ask for the AWS profile first, then the IAM user to inspect.
    # The right-hand side is evaluated left to right, so the prompt order is kept.
    profile_name, user_name = (
        input("Enter the AWS profile name: "),
        input("Enter the IAM user name: "),
    )
    enumerate_iam_policies(profile_name, user_name)