ꦫꦣꦺꦤ꧀ꦄꦤ꧀ꦠꦱꦺꦤ

PATH: usr / local / jetapps / var / lib / aws / lib / python2.7 / site-packages / awscli / examples / iam

The following ``get-account-authorization-details`` command returns information about all IAM users, groups, roles, and policies in the AWS account::

aws iam get-account-authorization-details

Output::

{
    "RoleDetailList": [
      {
        "AssumeRolePolicyDocument": {
          "Version": "2012-10-17",
          "Statement": [
            {
              "Sid": "",
              "Effect": "Allow",
              "Principal": {
                "Service": "ec2.amazonaws.com"
              },
              "Action": "sts:AssumeRole"
            }
          ]
        },
        "RoleId": "AROAFP4BKI7Y7TEXAMPLE",
        "CreateDate": "2014-07-30T17:09:20Z",
        "InstanceProfileList": [
          {
            "InstanceProfileId": "AIPAFFYRBHWXW2EXAMPLE",
            "Roles": [
              {
                "AssumeRolePolicyDocument": {
                  "Version":"2012-10-17",
                  "Statement": [
                    {
                      "Sid":"",
                      "Effect":"Allow",
                      "Principal": {
                        "Service":"ec2.amazonaws.com"
                      },
                      "Action":"sts:AssumeRole"
                    }
                  ]
                },
                "RoleId": "AROAFP4BKI7Y7TEXAMPLE",
                "CreateDate": "2014-07-30T17:09:20Z",
                "RoleName": "EC2role",
                "Path": "/",
                "Arn": "arn:aws:iam::123456789012:role/EC2role"
              }
            ],
            "CreateDate": "2014-07-30T17:09:20Z",
            "InstanceProfileName": "EC2role",
            "Path": "/",
            "Arn": "arn:aws:iam::123456789012:instance-profile/EC2role"
          }
        ],
        "RoleName": "EC2role",
        "Path": "/",
        "AttachedManagedPolicies": [
          {
            "PolicyName": "AmazonS3FullAccess",
            "PolicyArn": "arn:aws:iam::aws:policy/AmazonS3FullAccess"
          },
          {
            "PolicyName": "AmazonDynamoDBFullAccess",
            "PolicyArn": "arn:aws:iam::aws:policy/AmazonDynamoDBFullAccess"
          }
        ],
        "RolePolicyList": [],
        "Arn": "arn:aws:iam::123456789012:role/EC2role"
      }],
    "GroupDetailList": [
      {
        "GroupId": "AIDACKCEVSQ6C7EXAMPLE",
        "AttachedManagedPolicies": {
          "PolicyName": "AdministratorAccess",
          "PolicyArn": "arn:aws:iam::aws:policy/AdministratorAccess"
        },
        "GroupName": "Admins",
        "Path": "/",
        "Arn": "arn:aws:iam::123456789012:group/Admins",
        "CreateDate": "2013-10-14T18:32:24Z",
        "GroupPolicyList": []
      },
      {
        "GroupId": "AIDACKCEVSQ6C8EXAMPLE",
        "AttachedManagedPolicies": {
          "PolicyName": "PowerUserAccess",
          "PolicyArn": "arn:aws:iam::aws:policy/PowerUserAccess"
        },
        "GroupName": "Dev",
        "Path": "/",
        "Arn": "arn:aws:iam::123456789012:group/Dev",
        "CreateDate": "2013-10-14T18:33:55Z",
        "GroupPolicyList": []
      },
      {
        "GroupId": "AIDACKCEVSQ6C9EXAMPLE",
        "AttachedManagedPolicies": [],
        "GroupName": "Finance",
        "Path": "/",
        "Arn": "arn:aws:iam::123456789012:group/Finance",
        "CreateDate": "2013-10-14T18:57:48Z",
        "GroupPolicyList": [
          {
            "PolicyName": "policygen-201310141157",
            "PolicyDocument": {
              "Version":"2012-10-17",
              "Statement": [
                {
                  "Action": "aws-portal:*",
                  "Sid":"Stmt1381777017000",
                  "Resource": "*",
                  "Effect":"Allow"
                }
              ]
            }
          }
        ]
      }],
    "UserDetailList": [
      {
        "UserName": "Alice",
        "GroupList": [
          "Admins"
        ],
        "CreateDate": "2013-10-14T18:32:24Z",
        "UserId": "AIDACKCEVSQ6C2EXAMPLE",
        "UserPolicyList": [],
        "Path": "/",
        "AttachedManagedPolicies": [],
        "Arn": "arn:aws:iam::123456789012:user/Alice"
      },
      {
        "UserName": "Bob",
        "GroupList": [
          "Admins"
        ],
        "CreateDate": "2013-10-14T18:32:25Z",
        "UserId": "AIDACKCEVSQ6C3EXAMPLE",
        "UserPolicyList": [
          {
            "PolicyName": "DenyBillingAndIAMPolicy",
            "PolicyDocument": {
              "Version":"2012-10-17",
              "Statement": {
                "Effect":"Deny",
                "Action": [
                  "aws-portal:*",
                  "iam:*"
                ],
                "Resource":"*"
              }
            }
          }
        ],
        "Path": "/",
        "AttachedManagedPolicies": [],
        "Arn": "arn:aws:iam::123456789012:user/Bob"
      },
      {
        "UserName": "Charlie",
        "GroupList": [
          "Dev"
        ],
        "CreateDate": "2013-10-14T18:33:56Z",
        "UserId": "AIDACKCEVSQ6C4EXAMPLE",
        "UserPolicyList": [],
        "Path": "/",
        "AttachedManagedPolicies": [],
        "Arn": "arn:aws:iam::123456789012:user/Charlie"
      }],
    "Policies": [
      {
        "PolicyName": "create-update-delete-set-managed-policies",
        "CreateDate": "2015-02-06T19:58:34Z",
        "AttachmentCount": 1,
        "IsAttachable": true,
        "PolicyId": "ANPAJ2UCCR6DPCEXAMPLE",
        "DefaultVersionId": "v1",
        "PolicyVersionList": [
          {
            "CreateDate": "2015-02-06T19:58:34Z",
            "VersionId": "v1",
            "Document": {
              "Version":"2012-10-17",
              "Statement": {
                "Effect":"Allow",
                "Action": [
                  "iam:CreatePolicy",
                  "iam:CreatePolicyVersion",
                  "iam:DeletePolicy",
                  "iam:DeletePolicyVersion",
                  "iam:GetPolicy",
                  "iam:GetPolicyVersion",
                  "iam:ListPolicies",
                  "iam:ListPolicyVersions",
                  "iam:SetDefaultPolicyVersion"
                ], 
                "Resource": "*"
              }
            },
            "IsDefaultVersion": true
          }
        ],
        "Path": "/",
        "Arn": "arn:aws:iam::123456789012:policy/create-update-delete-set-managed-policies",
        "UpdateDate": "2015-02-06T19:58:34Z"
      },
      {
        "PolicyName": "S3-read-only-specific-bucket",
        "CreateDate": "2015-01-21T21:39:41Z",
        "AttachmentCount": 1,
        "IsAttachable": true,
        "PolicyId": "ANPAJ4AE5446DAEXAMPLE",
        "DefaultVersionId": "v1",
        "PolicyVersionList": [
          {
            "CreateDate": "2015-01-21T21:39:41Z",
            "VersionId": "v1",
            "Document": {
              "Version":"2012-10-17",
              "Statement": [
                {
                  "Effect":"Allow",
                  "Action": [
                    "s3:Get*",
                    "s3:List*"
                  ],
                  "Resource": [
                    "arn:aws:s3:::example-bucket",
                    "arn:aws:s3:::example-bucket/*"
                  ]
                }
              ]
            },
            "IsDefaultVersion": true
          }
        ],  
        "Path": "/",
        "Arn": "arn:aws:iam::123456789012:policy/S3-read-only-specific-bucket",
        "UpdateDate": "2015-01-21T23:39:41Z"
      },
      {
        "PolicyName": "AmazonEC2FullAccess",
        "CreateDate": "2015-02-06T18:40:15Z",
        "AttachmentCount": 1,
        "IsAttachable": true,
        "PolicyId": "ANPAE3QWE5YT46TQ34WLG",
        "DefaultVersionId": "v1",
        "PolicyVersionList": [
          {
            "CreateDate": "2014-10-30T20:59:46Z",
            "VersionId": "v1",
            "Document": {
              "Version":"2012-10-17",
              "Statement": [
                {
                  "Action":"ec2:*",
                  "Effect":"Allow",
                  "Resource":"*"
                },
                {
                  "Effect":"Allow",
                  "Action":"elasticloadbalancing:*",
                  "Resource":"*"
                },
                {
                  "Effect":"Allow",
                  "Action":"cloudwatch:*",
                  "Resource":"*"
                },
                {
                  "Effect":"Allow",
                  "Action":"autoscaling:*",
                  "Resource":"*"
                }
              ]
            },
            "IsDefaultVersion": true
          }
        ],
        "Path": "/",
        "Arn": "arn:aws:iam::aws:policy/AmazonEC2FullAccess",
        "UpdateDate": "2015-02-06T18:40:15Z"
      }],
    "Marker": "EXAMPLEkakv9BCuUNFDtxWSyfzetYwEx2ADc8dnzfvERF5S6YMvXKx41t6gCl/eeaCX3Jo94/bKqezEAg8TEVS99EKFLxm3jtbpl25FDWEXAMPLE",
    "IsTruncated": true
  }

[+] ..
[-] delete-login-profile.rst [edit]
[-] create-virtual-mfa-device.rst [edit]
[-] get-user-policy.rst [edit]
[-] create-policy.rst [edit]
[-] enable-mfa-device.rst [edit]
[-] get-role-policy.rst [edit]
[-] delete-group.rst [edit]
[-] detach-user-policy.rst [edit]
[-] update-role.rst [edit]
[-] delete-account-alias.rst [edit]
[-] attach-role-policy.rst [edit]
[-] list-policy-versions.rst [edit]
[-] upload-ssh-public-key.rst [edit]
[-] get-account-authorization-details.rst [edit]
[-] create-policy-version.rst [edit]
[-] delete-saml-provider.rst [edit]
[-] resync-mfa-device.rst [edit]
[-] get-service-linked-role-deletion-status.rst [edit]
[-] list-user-policies.rst [edit]
[-] delete-policy.rst [edit]
[-] create-saml-provider.rst [edit]
[-] attach-group-policy.rst [edit]
[-] get-context-keys-for-custom-policy.rst [edit]
[-] list-access-keys.rst [edit]
[-] delete-ssh-public-key.rst [edit]
[-] create-user.rst [edit]
[-] set-default-policy-version.rst [edit]
[-] delete-instance-profile.rst [edit]
[-] list-ssh-public-keys.rst [edit]
[-] update-user.rst [edit]
[-] list-attached-group-policies.rst [edit]
[-] get-server-certificate.rst [edit]
[-] change-password.rst [edit]
[-] get-group.rst [edit]
[-] list-policies-granting-service-access.rst [edit]
[-] list-virtual-mfa-devices.rst [edit]
[-] simulate-custom-policy.rst [edit]
[-] tag-role.rst [edit]
[-] untag-user.rst [edit]
[-] get-policy-version.rst [edit]
[-] untag-role.rst [edit]
[-] update-saml-provider.rst [edit]
[-] put-group-policy.rst [edit]
[-] create-service-linked-role.rst [edit]
[-] create-role.rst [edit]
[-] get-context-keys-for-principal-policy.rst [edit]
[-] update-group.rst [edit]
[-] create-open-id-connect-provider.rst [edit]
[-] create-group.rst [edit]
[-] delete-virtual-mfa-device.rst [edit]
[+] wait
[-] list-roles.rst [edit]
[-] delete-role-policy.rst [edit]
[-] list-signing-certificates.rst [edit]
[-] delete-service-linked-role.rst [edit]
[-] list-users.rst [edit]
[-] reset-service-specific-credential.rst [edit]
[-] list-group-policies.rst [edit]
[-] update-server-certificate.rst [edit]
[-] simulate-principal-policy.rst [edit]
[-] list-account-aliases.rst [edit]
[-] list-entities-for-policy.rst [edit]
[-] detach-role-policy.rst [edit]
[-] attach-user-policy.rst [edit]
[-] delete-account-password-policy.rst [edit]
[-] delete-user-policy.rst [edit]
[-] get-access-key-last-used.rst [edit]
[-] put-user-policy.rst [edit]
[-] get-credential-report.rst [edit]
[-] delete-role.rst [edit]
[-] get-instance-profile.rst [edit]
[-] get-account-password-policy.rst [edit]
[-] delete-access-key.rst [edit]
[-] add-role-to-instance-profile.rst [edit]
[-] add-client-id-to-open-id-connect-provider.rst [edit]
[-] delete-open-id-connect-provider.rst [edit]
[-] list-instance-profiles.rst [edit]
[-] delete-policy-version.rst [edit]
[-] list-role-tags.rst [edit]
[-] delete-user.rst [edit]
[-] list-role-policies.rst [edit]
[-] put-role-policy.rst [edit]
[-] create-account-alias.rst [edit]
[-] update-signing-certificate.rst [edit]
[-] remove-client-id-from-open-id-connect-provider.rst [edit]
[-] get-saml-provider.rst [edit]
[-] update-account-password-policy.rst [edit]
[-] update-ssh-public-key.rst [edit]
[-] create-login-profile.rst [edit]
[-] get-role.rst [edit]
[-] generate-credential-report.rst [edit]
[-] detach-group-policy.rst [edit]
[-] delete-service-specific-credential.rst [edit]
[-] get-login-profile.rst [edit]
[-] delete-server-certificate.rst [edit]
[-] upload-server-certificate.rst [edit]
[-] list-groups-for-user.rst [edit]
[-] update-service-specific-credential.rst [edit]
[-] list-groups.rst [edit]
[-] add-user-to-group.rst [edit]
[-] list-mfa-devices.rst [edit]
[-] list-open-id-connect-providers.rst [edit]
[-] remove-role-from-instance-profile.rst [edit]
[-] list-saml-providers.rst [edit]
[-] get-policy.rst [edit]
[-] get-account-summary.rst [edit]
[-] list-service-specific-credential.rst [edit]
[-] remove-user-from-group.rst [edit]
[-] get-user.rst [edit]
[-] get-open-id-connect-provider.rst [edit]
[-] create-service-specific-credential.rst [edit]
[-] update-open-id-connect-provider-thumbprint.rst [edit]
[-] upload-signing-certificate.rst [edit]
[-] create-access-key.rst [edit]
[-] delete-group-policy.rst [edit]
[-] create-instance-profile.rst [edit]
[-] get-group-policy.rst [edit]
[-] update-assume-role-policy.rst [edit]
[-] deactivate-mfa-device.rst [edit]
[-] tag-user.rst [edit]
[-] get-ssh-public-key.rst [edit]
[-] delete-signing-certificate.rst [edit]
[-] list-instance-profiles-for-role.rst [edit]
[-] list-server-certificates.rst [edit]
[-] update-login-profile.rst [edit]
[-] update-access-key.rst [edit]
[-] update-role-description.rst [edit]
[-] list-attached-role-policies.rst [edit]
[-] list-policies.rst [edit]
[-] list-user-tags.rst [edit]
[-] list-attached-user-policies.rst [edit]