pataiji · September 7, 2021 08:00
diff --git a/list_iam_user_policies.sh b/list_iam_user_policies.sh
 #!/bin/bash

 users=$(aws iam list-users --query 'Users[].UserName' --output text)

 for user in $users; do
  mkdir -p "$user"

  policyNames=$(aws iam list-user-policies --user-name "$user" --query 'PolicyNames[]' --output text)
  for policyName in $policyNames; do
    aws iam get-user-policy --user-name "$user" --policy-name "$policyName" --output json > "${user}/${policyName}"
  done

  attachedPolicyArns=$(aws iam list-attached-user-policies --user-name "$user" --query 'AttachedPolicies[].PolicyArn' --output text)
  for policyArn in $attachedPolicyArns; do
    aws iam get-policy --policy-arn "$policyArn" --output json > "iam_user_policies/${user}/$(basename ${policyArn})"
  done
 done
	#!/bin/bash

	users=$(aws iam list-users --query 'Users[].UserName' --output text)

	for user in $users; do
	mkdir -p "$user"

	policyNames=$(aws iam list-user-policies --user-name "$user" --query 'PolicyNames[]' --output text)
	for policyName in $policyNames; do
	aws iam get-user-policy --user-name "$user" --policy-name "$policyName" --output json > "${user}/${policyName}"
	done

	attachedPolicyArns=$(aws iam list-attached-user-policies --user-name "$user" --query 'AttachedPolicies[].PolicyArn' --output text)
	for policyArn in $attachedPolicyArns; do
	aws iam get-policy --policy-arn "$policyArn" --output json > "iam_user_policies/${user}/$(basename ${policyArn})"
	done
	done