Hacked together Python script that uses the SCIM protocol to get a report of AWS SSO users and associated group membership

dustintodd123/aws-ssoreporting

aws-ssoreporting

Thank you very little AWS API team responsible for SSO. Background is here: aws/aws-sdk#109. I needed a down and dirty script to report AWS SSO users and groups. Why AWS makes this so hard is just beyond reason. To run this you need:

  1. A file with every email address in your directory. The CSV needs a header row. Put the email address column name in the --colname parameter.
  2. AWS SSO automatic provisioning enabled. This enables the SCIM API for your SSO instance.
  3. AWS SSO SCIM URL stored in env variable URL. Found in the AWS SSO console.
  4. AWS SSO SCIM auth token stored in env variable SCIMTOKEN. Found in the AWS SSO console.

python aws-ssoreporting.py --infile=<emails_file> --outfile=<report_file> --colname=<email_addr_column_name>

The output report file has one row for every group a user is a member of, like so:

email,firstname,lastname,groupname
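The report flow described above, as an added sketch that is not the repository's aws-ssoreporting.py: it looks each email up over SCIM, tests membership group by group, and renders the four-column CSV. Assumptions: the SSO userName is the email address, the endpoint accepts the RFC 7644 filters shown, all groups fit in one response page, and the function names are hypothetical.

```python
import csv
import io
import json
import os
import urllib.parse
import urllib.request


def scim_get(path, params):
    """GET one SCIM list page, using the URL and SCIMTOKEN env variables."""
    url = os.environ["URL"].rstrip("/") + path
    if params:
        url += "?" + urllib.parse.urlencode(params)
    req = urllib.request.Request(
        url, headers={"Authorization": "Bearer " + os.environ["SCIMTOKEN"]})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp).get("Resources", [])


def lit(value):
    """Quote a value as a SCIM filter string literal (JSON string rules)."""
    return json.dumps(value)


def membership_rows(emails, get=scim_get):
    """Return (email, firstname, lastname, groupname) per group membership."""
    groups = get("/Groups", {})  # assumption: all groups fit in one page
    rows = []
    for email in emails:
        # Assumption: the SSO userName is the user's email address.
        for user in get("/Users", {"filter": "userName eq " + lit(email)}):
            name = user.get("name", {})
            for group in groups:
                # Assumption: the endpoint accepts an id-and-members filter.
                flt = "id eq %s and members eq %s" % (lit(group["id"]), lit(user["id"]))
                if get("/Groups", {"filter": flt}):
                    rows.append((email, name.get("givenName", ""),
                                 name.get("familyName", ""), group["displayName"]))
    return rows


def report_csv(rows):
    """Render rows as CSV text with the header the README shows."""
    out = io.StringIO()
    writer = csv.writer(out, lineterminator="\n")
    writer.writerow(["email", "firstname", "lastname", "groupname"])
    writer.writerows(rows)
    return out.getvalue()
```

Passing a different `get` callable lets the same logic run against recorded responses; quoting values through `lit` keeps an email containing a quote character from altering the filter expression.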
