Cheatsheet for AWS CLI

IAM Users

List IAM users

aws iam list-users

Retrieve a user's key

aws iam list-access-keys --user-name admin

IAM Roles

List IAM roles

aws iam list-roles

Root user

If an AWS Account is a member of AWS Organization, we can run the command to retrieve root's email

aws organizations describe-organization

IAM Groups

List IAM groups

aws iam list-groups

Retrieve an IAM group

aws iam get-group --group-game $GROUP_NAME

IAM Credentials

API Access Keys

Set Acccess Key active/inactive

# Set inactive
aws iam update-access-key --access-key-id $ACCESS_KEY_VALUE --status Inactive

# Set active
aws iam update-access-key --access-key-id $ACCESS_KEY_VALUE --status Active

Delete an Access Key

aws iam delete-access-key --access-key-id $ACCESS_KEY_VALUE

Create a long-term Access Key

aws iam create-access-key --user-name $USERNAME

To generate a Session Key

aws sts get-session-token

MFA

Check if user has MFA enabled

aws iam list-mfa-devices --user-name $USERNAME

IAM Permissions

IAM Policy

List policy

aws iam list-policy

Retrieve a policy

aws iam get-policy --policy-arn $POLICY_ARN

S3

List S3 buckets

aws s3api list-buckets

Retrieve a bucket policy

aws s3api get-buket-policy --bucket $BUCKET_NAME

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

aws-cli.md

aws-cli.md

Cheatsheet for AWS CLI

IAM Users

IAM Roles

Root user

IAM Groups

IAM Credentials

API Access Keys

MFA

IAM Permissions

IAM Policy

S3

Files

aws-cli.md

Latest commit

History

aws-cli.md

File metadata and controls

Cheatsheet for AWS CLI

IAM Users

IAM Roles

Root user

IAM Groups

IAM Credentials

API Access Keys

MFA

IAM Permissions

IAM Policy

S3