
AWS IAM User Management Tool is a Python-based command-line utility for managing AWS IAM users efficiently. It allows administrators to automate common IAM tasks such as creating users, attaching policies, generating access keys, and cleaning up unused credentials.


rsakib15/aws-iam-user-management


AWS IAM User Management

This project automates AWS IAM user, group, and policy management for a development team using Python and boto3. It showcases advanced IAM concepts including policy validation, MFA enforcement, cleanup automation, unit tests, and CI/CD integration. Perfect for demonstrating AWS and DevOps skills!

Features

  • Automated IAM Setup: Creates users (Alice, Bob, Charlie, Dana), groups (Developer, DBAdmin, Auditor), and policies for S3, EC2, RDS, and CloudTrail access.
  • Policy Validation: Checks for overly permissive policies (e.g., Action: *, Resource: *).
  • Cleanup Script: Safely deletes all created IAM resources.
  • Unit Tests: Uses pytest and moto to test setup logic without AWS API calls.
  • Configurable: Uses config.yaml for customizable team and permission settings.
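One way to implement the policy validation check described above, as an added example (not the repository's own code). The function name and the sample policies are constructed for illustration; beyond the `Action: *` / `Resource: *` case the README names, it also flags service-wide wildcards and `Allow` with `NotAction`, and it ignores `Deny` statements such as those in an MFA-enforcement policy.

```python
import json

def _as_list(value):
    """IAM accepts a string or a list for Action/Resource; normalise to a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def find_overly_permissive(policy):
    """Return (statement_index, reason) pairs for risky Allow statements."""
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):      # a lone statement may be a bare object
        statements = [statements]
    findings = []
    for i, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue                      # wildcards in a Deny restrict; they grant nothing
        actions = [a.lower() for a in _as_list(stmt.get("Action"))]  # actions are case-insensitive
        any_resource = "*" in _as_list(stmt.get("Resource"))
        if "NotAction" in stmt:
            findings.append((i, "Allow with NotAction grants every action not listed"))
        if "*" in actions:
            findings.append((i, "Action '*' on Resource '*'" if any_resource else "Action '*'"))
        elif any_resource:
            for a in actions:
                if a.endswith(":*"):
                    findings.append((i, f"service-wide '{a}' on Resource '*'"))
    return findings

# Constructed sample policies (assumptions, not the repository's policy files).
ADMIN = json.loads('{"Version":"2012-10-17","Statement":'
                   '{"Effect":"Allow","Action":"*","Resource":"*"}}')
SCOPED = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["s3:GetObject", "s3:PutObject"],
     "Resource": "arn:aws:s3:::my-app-bucket/*"}]}
MIXED = {"Version": "2012-10-17", "Statement": [
    # MFA-style Deny: wildcard resource here is expected and must not be flagged.
    {"Effect": "Deny", "NotAction": ["iam:ListMFADevices"], "Resource": "*",
     "Condition": {"BoolIfExists": {"aws:MultiFactorAuthPresent": "false"}}},
    {"Effect": "Allow", "Action": ["EC2:*", "rds:DescribeDBInstances"], "Resource": "*"}]}

if __name__ == "__main__":
    for name, pol in (("ADMIN", ADMIN), ("SCOPED", SCOPED), ("MIXED", MIXED)):
        print(name, find_overly_permissive(pol) or "ok")
```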

Project Structure

aws-iam-user-management/
├── config.yaml                # Configuration for bucket, region, users
├── policies/                  # JSON policy files
├── scripts/                   # Python scripts for setup and cleanup
├── tests/                     # Unit tests
├── .github/workflows/         # GitHub Actions CI pipeline
├── .gitignore                 # Ignored files
├── README.md                  # Documentation
└── requirements.txt           # Dependencies

Prerequisites

  • AWS account with IAM administrative permissions.
  • AWS CLI configured (aws configure).
  • Python 3.8+.
  • uv for dependency management.
    • Install: curl -LsSf https://astral.sh/uv/install.sh | sh
  • An S3 bucket (e.g., my-app-bucket) for testing (AWS Free Tier recommended).

Installation

  1. Clone the repository:

    git clone https://github.com/your-username/aws-iam-user-management.git
    cd aws-iam-user-management

  2. Install dependencies with uv:

    uv sync

  3. Configure AWS CLI:

    aws configure

  4. Update config.yaml with your S3 bucket name and region.

Usage

  1. Run the setup script:

    uv run python scripts/setup_iam_users.py

    • Creates users, groups, and policies as defined in config.yaml.
    • Generates console access and access keys for users.

  2. Verify in the AWS IAM console:

    • Users: Alice, Bob, Charlie, Dana.
    • Groups: DeveloperGroup, DBAdminGroup, AuditorGroup.
    • Policies: DeveloperPolicy, DBAdminPolicy, AuditorPolicy, MFAPolicy.

  3. Test access (e.g., log in as Alice with MFA, access S3/EC2).

  4. Clean up resources:

    uv run python scripts/cleanup_iam_users.py

Testing

Run unit tests with pytest:

    uv run pytest tests/

  • Tests use moto to mock AWS IAM API calls.
  • Verifies configuration, policy loading, and setup logic.
