Listing AWS IAM Permission Names by System
A tiny shell script for listing the AWS IAM permissions for a particular system, like “ec2” or “s3”.
Does not handle every possible case, as some URL paths are inconsistent. YMMV.
Example:
lap ~> iam-permissions ec2 | head -5
ec2:AcceptReservedInstancesExchangeQuote
ec2:AcceptVpcPeeringConnection
ec2:AllocateAddress
ec2:AllocateHosts
ec2:AssignPrivateIpAddresses
Script below…
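#!/bin/sh
# iam-permissions
# Get all the IAM Permissions for a particular system by system name(s)
# Author: Darren Holloway, http://www.fhf.org/

# Use an unpredictable temp file (a fixed name in /tmp can be pre-created
# or symlinked by another local user) and remove it on every exit path.
tmp=`mktemp` || exit 1
trap 'rm -f "$tmp"' EXIT

for SYSTEM in "$@"; do
    url="http://docs.aws.amazon.com/IAM/latest/UserGuide/list_${SYSTEM}.html"
    # -w prints only the HTTP status code; the page body is written to $tmp
    status=`curl -w '%{http_code}' -s -o "$tmp" "$url"`
    if [ "$status" -eq 200 ]; then
        # Select the <a> elements inside <code>, put one element per line
        # (backslash-newline is the portable sed way to insert a newline),
        # then strip the tags to leave only the permission name.
        xmllint --html --xpath '//code/a' "$tmp" |
            sed 's;</a>;&\
;g' |
            sed 's;^<a [^>]*>\([^<]*\)</a>$;\1;'
    else
        echo "FAILURE: Cannot find HTML page for \"$SYSTEM\"" 1>&2
        echo "TRIED: $url" 1>&2
        exit 1
    fi
done

exit 0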
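One use for this listing when reviewing policies, as an added example that is not part of the original script: expanding a wildcard action such as ec2:Allocate* into the concrete permission names it grants. The function names expand_iam_action and sample_permissions are hypothetical, and the sample list is the five names from the example output above.

```sh
#!/bin/sh
# Added example, not the original author's code.

# sample_permissions: constructed input, the five names shown in the
# example output above. In real use, pipe in `iam-permissions ec2`.
sample_permissions() {
    cat <<'EOF'
ec2:AcceptReservedInstancesExchangeQuote
ec2:AcceptVpcPeeringConnection
ec2:AllocateAddress
ec2:AllocateHosts
ec2:AssignPrivateIpAddresses
EOF
}

# expand_iam_action PATTERN
# Reads permission names (one per line) on stdin and prints those matched
# by an IAM action pattern. In IAM, '*' matches any run of characters,
# '?' matches exactly one, and action names compare case-insensitively.
# Exit status is 1 when nothing matches, which flags a mistyped or stale
# action in a policy.
expand_iam_action() {
    awk -v pat="$1" '
        BEGIN {
            # Translate the IAM glob into an anchored, lower-case regex.
            re = "^"
            n = length(pat)
            for (i = 1; i <= n; i++) {
                c = substr(pat, i, 1)
                if (c == "*")                   re = re ".*"
                else if (c == "?")              re = re "."
                else if (c ~ /[A-Za-z0-9:_-]/)  re = re tolower(c)
                else                            re = re "\\" c  # literal
            }
            re = re "$"
        }
        tolower($0) ~ re { print; found = 1 }
        END { exit(found ? 0 : 1) }
    '
}

# Demo: which concrete permissions does "ec2:Allocate*" grant?
sample_permissions | expand_iam_action 'ec2:Allocate*'
```

Run it against the full output of the script for each system a policy names, and treat a non-zero exit as a pattern that grants nothing.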