Creating, Deleting, Attaching Policies of IAM users using Python3 in AWS:

Bmwitcher
Nov 24, 2020

⭐️ AWS Account Required

⭐️ Python3 required

What is Python?

Python is an interpreted, object-oriented, high-level programming language with dynamic semantics. Its high-level built-in data structures, combined with dynamic typing and dynamic binding, make it very attractive for Rapid Application Development, as well as for use as a scripting or glue language to connect existing components together. Python’s simple, easy to learn syntax emphasizes readability and therefore reduces the cost of program maintenance. Python supports modules and packages, which encourages program modularity and code reuse. The Python interpreter and the extensive standard library are available in source or binary form without charge for all major platforms and can be freely distributed.

Run Python Safely (no hardcoded credentials)

Similar to other applications such as Terraform, Python (through boto3, the AWS SDK) will read the shared credentials file that is stored on your local machine if you have run aws configure. This is the safest way to execute the functions without hardcoding your credentials into your code (BIG NO! NO!). I will often add additional commands to this lab that will make it easy for everyone to simply copy and paste and add functionality to your daily tasks, without having to sign in to your account.

running aws configure in your local terminal

Using Python3 to create IAM users in AWS

Detaching the user policy

Before deleting the IAM user, you must first detach the user policy, then execute the user deletion.

You can attach any user policy in this example by navigating to the IAM service in your AWS account and copying the policy ARN.

Where to find policies in AWS IAM
Policy ARN (Amazon Resource Name)

The outcome of the above .py files in AWS:

In your local terminal, run python3 iamawstest.py, then check your AWS IAM service to see if the user was created and the policy was attached.

User was created
Policy attached

Now we need to delete this user…but prior to doing so we must detach the user policy from our “pythontestuser” and then delete the user. Run python3 deleteuser.py. Watch the user vanish from your IAM service in AWS.
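The full lifecycle described above (create the user, attach a policy, detach it, delete the user), as an added example; this is not the author's iamawstest.py or deleteuser.py. The function names and the ReadOnlyAccess policy ARN are assumptions chosen for illustration, and the deletion step goes slightly beyond the text by detaching every attached managed policy, not just one.

```python
"""Create an IAM user, attach a managed policy, then detach and delete."""

USER_NAME = "pythontestuser"  # user name used in this article
# Assumption: an AWS managed policy picked for illustration; use your own ARN.
POLICY_ARN = "arn:aws:iam::aws:policy/ReadOnlyAccess"


def create_user_with_policy(iam, user_name, policy_arn):
    """Create the user and attach one managed policy; return the user's ARN."""
    user = iam.create_user(UserName=user_name)["User"]
    iam.attach_user_policy(UserName=user_name, PolicyArn=policy_arn)
    return user["Arn"]


def attached_policy_arns(iam, user_name):
    """Return every managed policy ARN attached to the user (all pages)."""
    arns, kwargs = [], {"UserName": user_name}
    while True:
        page = iam.list_attached_user_policies(**kwargs)
        arns += [p["PolicyArn"] for p in page["AttachedPolicies"]]
        if not page.get("IsTruncated"):
            return arns
        kwargs["Marker"] = page["Marker"]


def delete_user_cleanly(iam, user_name):
    """Detach all managed policies first, then delete the user.

    IAM rejects delete_user while policies are still attached. Access keys,
    inline policies and group memberships (not covered here) block it too.
    """
    detached = attached_policy_arns(iam, user_name)
    for arn in detached:
        iam.detach_user_policy(UserName=user_name, PolicyArn=arn)
    iam.delete_user(UserName=user_name)
    return detached


if __name__ == "__main__":
    import boto3  # imported here so the functions accept any IAM client

    # No keys in code: boto3 reads the shared credentials file written by
    # `aws configure` (or environment variables / an assumed role).
    iam = boto3.client("iam")
    print("created", create_user_with_policy(iam, USER_NAME, POLICY_ARN))
    print("detached", delete_user_cleanly(iam, USER_NAME))
```

Run as a script, it creates the user and then removes it again in one pass; import the functions separately to pause between the two steps and check the IAM console.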

All done until next time…come back for more updates.

Find most of the documentation for boto3 and aws here:
