AWS IAM operations

v0.1.2

IAM introspection — users, roles, policies, attached policies, access keys — plus incident-response mutators: deactivate access key, delete access key, detach user policy. Auth via AWS_PROFILE. Routine IAM changes belong in IaC; these actions are for emergency lockout.

Pack ID

aws-iam

Vendor

emisar

linux

Actions

Required binaries: aws. Actions that call a missing binary fail at run time — install these on the host before relying on the pack.

Install

emisar pack install validates the pack and verifies its content hash before copying it into /etc/emisar/packs. The --hash below pins the install to the exact bytes on this page — a tampered copy is rejected. After install, reload the runner; it re-reads the catalog and advertises every action.

content hash: sha256:f8366aabb167b9620fc7cca328235f148f9712ff79cc5b5ab126dde7cb979d84

on the runner host

sudo emisar pack install aws-iam \
  --hash sha256:f8366aabb167b9620fc7cca328235f148f9712ff79cc5b5ab126dde7cb979d84 \
  --dest /etc/emisar/packs

# Reload so the runner re-reads the catalog:
sudo systemctl reload emisar

Actions 11 total

View on GitHub

iam.deactivate_access_key exec critical

aws iam update-access-key --status Inactive
iam.delete_access_key exec critical

aws iam delete-access-key
iam.detach_user_policy exec high

aws iam detach-user-policy
iam.get_role exec low

aws iam get-role
iam.get_user exec low

aws iam get-user
iam.last_used_access_key exec low

aws iam get-access-key-last-used
iam.list_access_keys exec low

aws iam list-access-keys
iam.list_attached_user_policies exec low

aws iam list-attached-user-policies
iam.list_policies exec low

aws iam list-policies --scope Local
iam.list_roles exec low

aws iam list-roles
iam.list_users exec low

aws iam list-users

← Back to registry

Pack reference Publish your own →