
Amazon Web Services: IAM - Groups

Summary

This module contains actions for viewing & managing IAM groups.

Actions

aws.iam.groups.exists

Check if a group with the supplied name exists.

Minimum Plugin Version: 3.2.0

Input
  • aws_client: an AWSClient dictionary

  • group_name: the name of the group

Output

Outputs true if the group exists, & false if not.

Example
- aws.iam.groups.exists:
    group_name: EC2Admins
  load:
    aws_client: aws_secrets
  save: group_exists

aws.iam.groups.get_all

Get all groups.

Minimum Plugin Version: 3.0.0

Input
Output

A list of IAMGroup dictionaries.

Example
- aws.iam.groups.get_all:
  load:
    aws_client: aws_secrets
  save: all_groups

aws.iam.groups.get_by_name

Get the IAM group with the supplied name.

Minimum Plugin Version: 3.2.0

Input
  • aws_client: an AWSClient dictionary

  • group_name: the name of the group

Output

A single IAMGroup dictionary.

Example
- aws.iam.groups.get_by_name:
    group_name: EC2Admins
  load:
    aws_client: aws_secrets
  save: ec2_admins_group

aws.iam.groups.input_table

Display a list of groups in a table, & allow the task operator to make a selection.

The table will have the following columns:

  • Name
  • ID
  • Resource Name

Minimum Plugin Version: 3.0.0

Input
  • text: the title of the table

  • groups: a single or list of IAMGroup dictionaries

  • minimum: The minimum number of acceptable selections

  • maximum: The maximum number of acceptable selections

Output

A list of Group dictionaries.

Tip
  • If neither a minimum nor a maximum is provided, the task operator will be able to submit 0 selections.

  • If a minimum or maximum is provided, the operation will repeat until a valid number of selections is made.

Example

Finding groups with get_all, saving them as all_groups, & waiting for a single selection:

- aws.iam.groups.get_all:
  load:
    aws_client: aws_secrets
  save: all_groups

- aws.iam.groups.input_table:
    text: Choose a group
    minimum: 1
    maximum: 1
  load:
    groups: all_groups
  save: selected_group

aws.iam.groups.managed_policies_for_group

Get all managed policies attached to the supplied group.

Minimum Plugin Version: 3.0.0

Input
  • aws_client: an AWSClient dictionary

  • group_name: the name of the group

Output

A list of IAMManagedPolicy dictionaries.

Example
- aws.iam.groups.managed_policies_for_group:
    group_name: EC2Admins
  load:
    aws_client: aws_secrets
  save: managed_policies

aws.iam.groups.output_table

Display a list of groups in a table.

The table will have the following columns:

  • Name
  • ID
  • Resource Name

Minimum Plugin Version: 3.0.0

Input
  • text: the title of the table

  • groups: a single or list of IAMGroup dictionaries

Output

Nothing is outputted by this action.

Example
- aws.iam.groups.get_all:
  load:
    aws_client: aws_secrets
  save: all_groups

- aws.iam.groups.output_table:
    text: All Groups
  load:
    groups: all_groups

aws.iam.groups.users_for_group

Get all users in the supplied group.

Minimum Plugin Version: 3.2.0

Input
  • aws_client: an AWSClient dictionary

  • group_name: the name of the group

Output

A list of IAMUser dictionaries.

Example
- aws.iam.groups.users_for_group:
    group_name: EC2Admins
  load:
    aws_client: aws_secrets
  save: ec2_admin_users