Find AWS User using Access Key

It may not happen often, but you might need to find the user that a certain AWS access key belongs to. When working on a fairly large Amazon Web Services (AWS) infrastructure, you can come across a random AWS access key. To make things more interesting, you don't know which user this access key belongs to.

Thankfully the AWS SDKs are there to help. I have been using Python Boto for a lot of my operational scripts while working with AWS.

I have a small script which helps me find the AWS user using an access key.

import boto.iam

# Access key ID to look up
search_access_key = 'APKA9ONS7QCOWEXAMPLE'

# Credentials are read from the environment or the boto config file
iam = boto.connect_iam()

# List IAM users under path prefix '/'
user_list = iam.get_all_users('/')['list_users_response']['list_users_result']['users']

def searchKey():
    # Walk each user's access keys until one matches the key we are looking for
    for user in user_list:
        keys = iam.get_all_access_keys(user['user_name'])
        for key_data in keys['list_access_keys_response']['list_access_keys_result']['access_key_metadata']:
            aws_access_key = key_data['access_key_id']
            if aws_access_key == search_access_key:
                print('The key is owned by user: ' + user['user_name'])
                return True
    return False

if not searchKey():
    print('Unable to find access key (' + search_access_key + ') in ' + str(len(user_list)) + ' IAM users.')

Running the above script should give you the AWS IAM user to which the access key belongs.

Sample output:

[[email protected] ~/Scripts]$ ./
The key is owned by user: my_ops_user
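
The same lookup written against boto3 paginators, as an added example that is not part of the original post: IAM list calls return results in pages, so on a large account the owner may sit beyond the first page, and the key's Active/Inactive status is reported alongside the user. `find_key_owner`, `FakePaginator` and `FakeIAM` are names chosen here, and the fake client carries constructed sample data so the block runs offline.

```python
def find_key_owner(iam, access_key_id):
    """Return {'UserName', 'Status'} for the key's owner, or None if no user has it.

    `iam` is a boto3 IAM client, e.g. boto3.client("iam").
    """
    for user_page in iam.get_paginator("list_users").paginate():
        for user in user_page["Users"]:
            name = user["UserName"]
            key_pages = iam.get_paginator("list_access_keys").paginate(UserName=name)
            for key_page in key_pages:
                for meta in key_page["AccessKeyMetadata"]:
                    if meta["AccessKeyId"] == access_key_id:
                        return {"UserName": name, "Status": meta["Status"]}
    return None


class FakePaginator:
    """Constructed stand-in for a boto3 paginator."""
    def __init__(self, pages_for):
        self._pages_for = pages_for

    def paginate(self, **kwargs):
        return iter(self._pages_for(kwargs))


class FakeIAM:
    """Constructed stand-in for a boto3 IAM client; lists two users per page."""
    KEYS = {  # constructed sample data: user -> [(key id, status)]
        "alice": [("AKIAEXAMPLEALICE0001", "Active")],
        "bob": [],
        "my_ops_user": [("AKIAEXAMPLEOPS00001", "Inactive"),
                        ("APKA9ONS7QCOWEXAMPLE", "Active")],
    }

    def get_paginator(self, operation):
        if operation == "list_users":
            names = sorted(self.KEYS)
            pages = [{"Users": [{"UserName": n} for n in names[i:i + 2]]}
                     for i in range(0, len(names), 2)]
            return FakePaginator(lambda kwargs: pages)
        if operation == "list_access_keys":
            return FakePaginator(lambda kwargs: [{"AccessKeyMetadata": [
                {"AccessKeyId": k, "Status": s}
                for k, s in self.KEYS[kwargs["UserName"]]]}])
        raise ValueError("unsupported operation: " + operation)


if __name__ == "__main__":
    # Against a real account: import boto3; iam = boto3.client("iam")
    print(find_key_owner(FakeIAM(), "APKA9ONS7QCOWEXAMPLE"))
```

In boto3, `get_access_key_last_used(AccessKeyId=...)` also returns the owning `UserName` in a single call, which avoids enumerating every user when the key belongs to the account being queried.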
