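def _list_all_users(conn):
    """Yield every IAM user record, following ListUsers pagination.

    boto's ``get_all_users`` returns a single page; it marks a truncated
    listing with ``is_truncated`` equal to the string ``'true'`` and a
    ``marker`` that resumes the listing (the same protocol this file's
    other scripts follow). Without the loop, users on later pages would
    never be searched and a key they own would be reported as not found.

    Args:
        conn: An IAM connection as returned by ``boto.connect_iam()``.
    """
    marker = None
    while True:
        result = conn.get_all_users('/', marker=marker)[
            'list_users_response']['list_users_result']
        for user in result['users']:
            yield user
        if result.get('is_truncated') != 'true':
            return
        marker = result['marker']


def main(argv=None):
    """Report which IAM user owns the access key id given on the command line.

    Args:
        argv: Command-line arguments handed to ``parse_args``; ``None``
            presumably means "use ``sys.argv``" — confirm in ``parse_args``.

    Returns:
        0 when a user holding the key is found (its name is printed),
        1 when no user in the account holds it.
    """
    key = parse_args(argv)
    iam = boto.connect_iam()
    user_count = 0
    for user in _list_all_users(iam):
        user_count += 1
        user_name = user['user_name']
        # One IAM call per user; a user may hold more than one key id.
        metadata = iam.get_all_access_keys(user_name)[
            'list_access_keys_response']['list_access_keys_result'][
            'access_key_metadata']
        if any(entry['access_key_id'] == key for entry in metadata):
            print('Key "%s" belongs to user: %s' % (key, user_name))
            return 0
    # Reached only when no user on any page owned the key.
    print('Did not find access key "%s" in %d IAM users' % (key, user_count))
    return 1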
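def test_iam(app):
    """Smoke-test an IAM connection built from *app.config* by listing roles and users.

    Prints the type of the raw ``list_roles`` response, then each role
    record, a blank line, and then each user record. User records live
    under ``list_users_response -> list_users_result -> users`` in boto's
    response envelope; iterating ``users.items()`` would print only the
    envelope's single key/value pair instead of the users.

    Args:
        app: Object whose ``config`` mapping holds the region under
            ``identity`` and the key material under ``keys.*``.
    """
    iam = boto.iam.connect_to_region(
        app.config["identity"]['region'],
        aws_access_key_id=app.config['keys.key_id'],
        aws_secret_access_key=app.config['keys.key_secret'],
        security_token=app.config['keys.key_token'])
    roles = iam.list_roles()
    print(type(roles))
    for role in roles["list_roles_response"]["list_roles_result"]["roles"]:
        print(role)
    print('')
    users = iam.get_all_users()
    for user in users['list_users_response']['list_users_result']['users']:
        print('')
        print(user)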
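def test_iam(app):
    """Exercise the IAM connection built from *app.config*: list roles, then users.

    Output order: the type of the raw ``list_roles`` response, one line per
    role record, a blank line, then a blank line followed by each user
    record. User records are unpacked from boto's envelope
    (``list_users_response -> list_users_result -> users``); iterating the
    envelope with ``items()`` yields one key/value pair, not users.

    Args:
        app: Object whose ``config`` mapping provides ``identity.region``
            and the ``keys.key_id`` / ``keys.key_secret`` /
            ``keys.key_token`` credential material.
    """
    cfg = app.config
    iam = boto.iam.connect_to_region(
        cfg["identity"]['region'],
        aws_access_key_id=cfg['keys.key_id'],
        aws_secret_access_key=cfg['keys.key_secret'],
        security_token=cfg['keys.key_token'])

    roles = iam.list_roles()
    print(type(roles))
    role_records = roles["list_roles_response"]["list_roles_result"]["roles"]
    for role in role_records:
        print(role)
    print('')

    users = iam.get_all_users()
    user_records = users['list_users_response']['list_users_result']['users']
    for user in user_records:
        print('')
        print(user)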
import sys

# Refuse to run without the access key id to look up; usage goes to stdout.
if len(sys.argv) == 1:
    print 'Usage: \n find_iam_user AWS_ACCESS_KEY_ID'
    exit(1)

# The access key id under investigation (first positional argument).
TARGET_ACCESS_KEY = sys.argv[1]

# No credentials are passed here; boto resolves them from its usual sources.
# NOTE(review): ``boto`` is not imported in this excerpt — presumably earlier
# in the file; confirm.
iam = boto.connect_iam()

# Collect every user across ListUsers pages: boto reports 'is_truncated' as
# the string 'true' while more pages remain and 'marker' resumes the listing.
marker = None
is_truncated = 'true'
users = []
while is_truncated == 'true':
    all_users = iam.get_all_users('/', marker=marker)
    users += all_users['list_users_response']['list_users_result']['users']
    is_truncated = all_users['list_users_response']['list_users_result'][
        'is_truncated']
    if is_truncated == 'true':
        marker = all_users['list_users_response']['list_users_result'][
            'marker']

print "Found " + str(len(users)) + " users, searching..."


def find_key():
    """Walk every user's access-key metadata looking for TARGET_ACCESS_KEY.

    One IAM call is made per user in ``users``.
    """
    for user in users:
        for key_result in iam.get_all_access_keys(
                user['user_name'])['list_access_keys_response'][
                'list_access_keys_result']['access_key_metadata']:
iam = boto.iam.connect_to_region(region, **aws_connect_kwargs) else: iam = boto.iam.connection.IAMConnection(**aws_connect_kwargs) except boto.exception.NoAuthHandlerFound, e: module.fail_json(msg=str(e)) result = {} changed = False try: orig_group_list = [gl['group_name'] for gl in iam.get_all_groups(). list_groups_result. groups] orig_user_list = [ul['user_name'] for ul in iam.get_all_users(). list_users_result. users] orig_role_list = [rl['role_name'] for rl in iam.list_roles().list_roles_response. list_roles_result. roles] orig_prof_list = [ap['instance_profile_name'] for ap in iam.list_instance_profiles(). list_instance_profiles_response. list_instance_profiles_result. instance_profiles] except boto.exception.BotoServerError, err: module.fail_json(msg=err.message) if iam_type == 'user': been_updated = False
iam = boto.iam.connection.IAMConnection(**aws_connect_kwargs) except boto.exception.NoAuthHandlerFound, e: module.fail_json(msg=str(e)) result = {} changed = False try: orig_group_list = [ gl['group_name'] for gl in iam.get_all_groups().list_groups_result.groups ] orig_user_list = [ ul['user_name'] for ul in iam.get_all_users().list_users_result.users ] orig_role_list = [ rl['role_name'] for rl in iam.list_roles().list_roles_response.list_roles_result.roles ] orig_prof_list = [ ap['instance_profile_name'] for ap in iam.list_instance_profiles().list_instance_profiles_response. list_instance_profiles_result.instance_profiles ] except boto.exception.BotoServerError, err: module.fail_json(msg=err.message)
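# Useful for finding the IAM user corresponding to a compromised AWS credential
# Requirements:
#
# Environment variables:
#   AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY
# python:
#   boto
import boto.iam

# Access key id under investigation (the credential believed compromised).
TARGET_ACCESS_KEY = 'AKIAJ7QBEUO5UA3W6YQQ'

# NOTE(review): a named boto profile is selected here although the header
# lists environment variables as the credential source — confirm which one
# boto honours when both are present.
iam = boto.connect_iam(profile_name='bach')


def _list_all_users(conn):
    """Return every IAM user record, following ListUsers pagination.

    ``get_all_users`` returns a single page; boto reports ``is_truncated``
    as the string ``'true'`` while more pages remain and ``marker`` resumes
    the listing. Without this loop an account with more users than one
    page holds would be searched only partially and the key could be
    reported as unowned.

    Args:
        conn: An IAM connection as returned by ``boto.connect_iam()``.

    Returns:
        A list of user records (each subscriptable by ``'user_name'``).
    """
    collected = []
    marker = None
    while True:
        result = conn.get_all_users('/', marker=marker)[
            'list_users_response']['list_users_result']
        collected.extend(result['users'])
        if result.get('is_truncated') != 'true':
            return collected
        marker = result['marker']


users = _list_all_users(iam)


def find_key():
    """Print the owner of TARGET_ACCESS_KEY and return True; False if nobody holds it.

    Every user's access-key metadata is fetched with one IAM call per user,
    so the search is linear in the number of users.
    """
    for user in users:
        user_name = user['user_name']
        metadata = iam.get_all_access_keys(user_name)[
            'list_access_keys_response']['list_access_keys_result'][
            'access_key_metadata']
        for key_result in metadata:
            if key_result['access_key_id'] == TARGET_ACCESS_KEY:
                print('Target key belongs to:')
                print('user : ' + user_name)
                return True
    return False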
Boto Environment variables:
    AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY or AWS_PROFILE
"""
import sys

import boto.iam

# Every positional argument is an access key id to attribute to a user.
TARGET_ACCESS_KEYS = sys.argv[1:]

# Credentials are resolved by boto from its standard sources (see the
# module docstring); none are passed explicitly.
iam = boto.connect_iam()

# NOTE(review): only the first ListUsers page is fetched; boto marks a
# truncated listing with is_truncated == 'true' plus a 'marker' to resume
# from, so users beyond that page would not be searched — confirm the
# account is small enough for this to be acceptable.
users = iam.get_all_users(
    '/')['list_users_response']['list_users_result']['users']


def find_key(access_key):
    """Print ``<access_key> : <user_name>`` for the user that owns *access_key*.

    Returns True as soon as a match is found and False when no user in
    ``users`` holds that key id. One IAM call is made per user.
    """
    for user in users:
        for key_result in iam.get_all_access_keys(
                user['user_name'])['list_access_keys_response'][
                'list_access_keys_result']['access_key_metadata']:
            aws_access_key = key_result['access_key_id']
            if aws_access_key == access_key:
                print access_key + ' : ' + user['user_name']
                return True
    return False


# Attribute each requested key id in turn.
for access_key in TARGET_ACCESS_KEYS:
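import sys

# Refuse to run without the access key id to look up; usage goes to stdout.
# sys.exit is used rather than the site-provided ``exit`` helper, which is
# not guaranteed to exist in every interpreter context.
if len(sys.argv) == 1:
    print('Usage: \n find_iam_user AWS_ACCESS_KEY_ID')
    sys.exit(1)

# The access key id under investigation (first positional argument).
TARGET_ACCESS_KEY = sys.argv[1]

# No credentials are passed here; boto resolves them from its usual sources.
# NOTE(review): ``boto`` is not imported in this excerpt — presumably earlier
# in the file; confirm.
iam = boto.connect_iam()


def _list_all_users(conn):
    """Return every IAM user record, following ListUsers pagination.

    boto reports ``is_truncated`` as the string ``'true'`` while more pages
    remain and ``marker`` resumes the listing from where the previous page
    stopped.

    Args:
        conn: An IAM connection as returned by ``boto.connect_iam()``.

    Returns:
        A list of user records (each subscriptable by ``'user_name'``).
    """
    collected = []
    marker = None
    while True:
        result = conn.get_all_users('/', marker=marker)[
            'list_users_response']['list_users_result']
        collected.extend(result['users'])
        if result.get('is_truncated') != 'true':
            return collected
        marker = result['marker']


users = _list_all_users(iam)

print("Found " + str(len(users)) + " users, searching...")


def find_key():
    """Print the owner of TARGET_ACCESS_KEY and return True; False if nobody holds it.

    One IAM call is made per user in ``users``, so the search is linear in
    the number of users.
    """
    for user in users:
        user_name = user['user_name']
        metadata = iam.get_all_access_keys(user_name)[
            'list_access_keys_response']['list_access_keys_result'][
            'access_key_metadata']
        for key_result in metadata:
            if key_result['access_key_id'] == TARGET_ACCESS_KEY:
                print('Target key belongs to user: ' + user_name)
                return True
    return False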