aws_accessanalyzer_analyzeraws_accessanalyzer_findingaws_accountaws_account_alternate_contactaws_account_contactaws_acm_certificateaws_acmpca_certificate_authorityaws_amplify_appaws_api_gateway_api_keyaws_api_gateway_authorizeraws_api_gateway_domain_nameaws_api_gateway_methodaws_api_gateway_rest_apiaws_api_gateway_stageaws_api_gateway_usage_planaws_api_gatewayv2_apiaws_api_gatewayv2_domain_nameaws_api_gatewayv2_integrationaws_api_gatewayv2_routeaws_api_gatewayv2_stageaws_app_runner_serviceaws_appautoscaling_policyaws_appautoscaling_targetaws_appconfig_applicationaws_appstream_fleetaws_appstream_imageaws_appsync_graphql_apiaws_athena_query_executionaws_athena_workgroupaws_auditmanager_assessmentaws_auditmanager_controlaws_auditmanager_evidenceaws_auditmanager_evidence_folderaws_auditmanager_frameworkaws_availability_zoneaws_backup_frameworkaws_backup_jobaws_backup_legal_holdaws_backup_planaws_backup_protected_resourceaws_backup_recovery_pointaws_backup_report_planaws_backup_selectionaws_backup_vaultaws_cloudcontrol_resourceaws_cloudformation_stackaws_cloudformation_stack_resourceaws_cloudformation_stack_setaws_cloudfront_cache_policyaws_cloudfront_distributionaws_cloudfront_functionaws_cloudfront_origin_access_identityaws_cloudfront_origin_request_policyaws_cloudfront_response_headers_policyaws_cloudsearch_domainaws_cloudtrail_channelaws_cloudtrail_event_data_storeaws_cloudtrail_importaws_cloudtrail_lookup_eventaws_cloudtrail_queryaws_cloudtrail_trailaws_cloudtrail_trail_eventaws_cloudwatch_alarmaws_cloudwatch_log_eventaws_cloudwatch_log_groupaws_cloudwatch_log_metric_filteraws_cloudwatch_log_resource_policyaws_cloudwatch_log_streamaws_cloudwatch_log_subscription_filteraws_cloudwatch_metricaws_cloudwatch_metric_data_pointaws_cloudwatch_metric_statistic_data_pointaws_codeartifact_domainaws_codeartifact_repositoryaws_codebuild_buildaws_codebuild_projectaws_codebuild_source_credentialaws_codecommit_repositoryaws_codedeploy_appaws_codedeploy_deployment_configaws_codedeploy_deployment_groupaws_codepipeline_pipelineaws_codestar_notification_ruleaws_cognito_identity_poolaws_cognito_identity_provideraws_cognito_user_poolaws_config_aggregate_authorizationaws_config_configuration_recorderaws_config_conformance_packaws_config_retention_configurationaws_config_ruleaws_cost_by_account_dailyaws_cost_by_account_monthlyaws_cost_by_record_type_dailyaws_cost_by_record_type_monthlyaws_cost_by_service_dailyaws_cost_by_service_monthlyaws_cost_by_service_usage_type_dailyaws_cost_by_service_usage_type_monthlyaws_cost_by_tagaws_cost_forecast_dailyaws_cost_forecast_monthlyaws_cost_usageaws_dax_clusteraws_dax_parameteraws_dax_parameter_groupaws_dax_subnet_groupaws_directory_service_certificateaws_directory_service_directoryaws_directory_service_log_subscriptionaws_directory_servicelog_subscriptionaws_dlm_lifecycle_policyaws_dms_certificateaws_dms_endpointaws_dms_replication_instanceaws_dms_replication_taskaws_docdb_clusteraws_docdb_cluster_instanceaws_docdb_cluster_snapshotaws_drs_jobaws_drs_recovery_instanceaws_drs_recovery_snapshotaws_drs_source_serveraws_dynamodb_backupaws_dynamodb_global_tableaws_dynamodb_metric_account_provisioned_read_capacity_utilaws_dynamodb_metric_account_provisioned_write_capacity_utilaws_dynamodb_tableaws_dynamodb_table_exportaws_ebs_snapshotaws_ebs_volumeaws_ebs_volume_metric_read_opsaws_ebs_volume_metric_read_ops_dailyaws_ebs_volume_metric_read_ops_hourlyaws_ebs_volume_metric_write_opsaws_ebs_volume_metric_write_ops_dailyaws_ebs_volume_metric_write_ops_hourlyaws_ec2_amiaws_ec2_ami_sharedaws_ec2_application_load_balanceraws_ec2_application_load_balancer_metric_request_countaws_ec2_application_load_balancer_metric_request_count_dailyaws_ec2_autoscaling_groupaws_ec2_capacity_reservationaws_ec2_classic_load_balanceraws_ec2_client_vpn_endpointaws_ec2_gateway_load_balanceraws_ec2_instanceaws_ec2_instance_availabilityaws_ec2_instance_metric_cpu_utilizationaws_ec2_instance_metric_cpu_utilization_dailyaws_ec2_instance_metric_cpu_utilization_hourlyaws_ec2_instance_typeaws_ec2_key_pairaws_ec2_launch_configurationaws_ec2_launch_templateaws_ec2_launch_template_versionaws_ec2_load_balancer_listeneraws_ec2_load_balancer_listener_ruleaws_ec2_managed_prefix_listaws_ec2_managed_prefix_list_entryaws_ec2_network_interfaceaws_ec2_network_load_balanceraws_ec2_network_load_balancer_metric_net_flow_countaws_ec2_network_load_balancer_metric_net_flow_count_dailyaws_ec2_regional_settingsaws_ec2_reserved_instanceaws_ec2_spot_priceaws_ec2_ssl_policyaws_ec2_target_groupaws_ec2_transit_gatewayaws_ec2_transit_gateway_routeaws_ec2_transit_gateway_route_tableaws_ec2_transit_gateway_vpc_attachmentaws_ecr_imageaws_ecr_image_scan_findingaws_ecr_registry_scanning_configurationaws_ecr_repositoryaws_ecrpublic_repositoryaws_ecs_clusteraws_ecs_cluster_metric_cpu_utilizationaws_ecs_cluster_metric_cpu_utilization_dailyaws_ecs_cluster_metric_cpu_utilization_hourlyaws_ecs_container_instanceaws_ecs_serviceaws_ecs_taskaws_ecs_task_definitionaws_efs_access_pointaws_efs_file_systemaws_efs_mount_targetaws_eks_addonaws_eks_addon_versionaws_eks_clusteraws_eks_fargate_profileaws_eks_identity_provider_configaws_eks_node_groupaws_elastic_beanstalk_applicationaws_elastic_beanstalk_application_versionaws_elastic_beanstalk_environmentaws_elasticache_clusteraws_elasticache_parameter_groupaws_elasticache_redis_metric_cache_hits_hourlyaws_elasticache_redis_metric_curr_connections_hourlyaws_elasticache_redis_metric_engine_cpu_utilization_dailyaws_elasticache_redis_metric_engine_cpu_utilization_hourlyaws_elasticache_redis_metric_get_type_cmds_hourlyaws_elasticache_redis_metric_list_based_cmds_hourlyaws_elasticache_redis_metric_new_connections_hourlyaws_elasticache_replication_groupaws_elasticache_reserved_cache_nodeaws_elasticache_subnet_groupaws_elasticsearch_domainaws_emr_block_public_access_configurationaws_emr_clusteraws_emr_cluster_metric_is_idleaws_emr_instanceaws_emr_instance_fleetaws_emr_instance_groupaws_emr_security_configurationaws_eventbridge_busaws_eventbridge_ruleaws_fms_app_listaws_fms_policyaws_fsx_file_systemaws_glacier_vaultaws_globalaccelerator_acceleratoraws_globalaccelerator_endpoint_groupaws_globalaccelerator_listeneraws_glue_catalog_databaseaws_glue_catalog_tableaws_glue_connectionaws_glue_crawleraws_glue_data_catalog_encryption_settingsaws_glue_data_quality_rulesetaws_glue_dev_endpointaws_glue_jobaws_glue_security_configurationaws_guardduty_detectoraws_guardduty_filteraws_guardduty_findingaws_guardduty_ipsetaws_guardduty_memberaws_guardduty_publishing_destinationaws_guardduty_threat_intel_setaws_health_affected_entityaws_health_eventaws_iam_access_advisoraws_iam_access_keyaws_iam_account_password_policyaws_iam_account_summaryaws_iam_actionaws_iam_credential_reportaws_iam_groupaws_iam_open_id_connect_provideraws_iam_policyaws_iam_policy_attachmentaws_iam_policy_simulatoraws_iam_roleaws_iam_saml_provideraws_iam_server_certificateaws_iam_service_specific_credentialaws_iam_useraws_iam_virtual_mfa_deviceaws_identitystore_groupaws_identitystore_group_membershipaws_identitystore_useraws_inspector2_coverageaws_inspector2_coverage_statisticsaws_inspector2_findingaws_inspector2_memberaws_inspector_assessment_runaws_inspector_assessment_targetaws_inspector_assessment_templateaws_inspector_exclusionaws_inspector_findingaws_iot_fleet_metricaws_iot_thingaws_iot_thing_groupaws_iot_thing_typeaws_kinesis_consumeraws_kinesis_firehose_delivery_streamaws_kinesis_streamaws_kinesis_video_streamaws_kinesisanalyticsv2_applicationaws_kms_aliasaws_kms_keyaws_kms_key_rotationaws_lambda_aliasaws_lambda_event_source_mappingaws_lambda_functionaws_lambda_function_metric_duration_dailyaws_lambda_function_metric_errors_dailyaws_lambda_function_metric_invocations_dailyaws_lambda_layeraws_lambda_layer_versionaws_lambda_versionaws_lightsail_bucketaws_lightsail_instanceaws_macie2_classification_jobaws_media_store_containeraws_memorydb_clusteraws_mgn_applicationaws_mq_brokeraws_msk_clusteraws_msk_serverless_clusteraws_neptune_db_clusteraws_neptune_db_cluster_snapshotaws_networkfirewall_firewallaws_networkfirewall_firewall_policyaws_networkfirewall_rule_groupaws_oam_linkaws_oam_sinkaws_opensearch_domainaws_organizations_accountaws_organizations_organizational_unitaws_organizations_policyaws_organizations_policy_targetaws_organizations_rootaws_pinpoint_appaws_pipes_pipeaws_pricing_productaws_pricing_service_attributeaws_ram_principal_associationaws_ram_resource_associationaws_rds_db_clusteraws_rds_db_cluster_parameter_groupaws_rds_db_cluster_snapshotaws_rds_db_engine_versionaws_rds_db_event_subscriptionaws_rds_db_instanceaws_rds_db_instance_automated_backupaws_rds_db_instance_metric_connectionsaws_rds_db_instance_metric_connections_dailyaws_rds_db_instance_metric_connections_hourlyaws_rds_db_instance_metric_cpu_utilizationaws_rds_db_instance_metric_cpu_utilization_dailyaws_rds_db_instance_metric_cpu_utilization_hourlyaws_rds_db_instance_metric_read_iopsaws_rds_db_instance_metric_read_iops_dailyaws_rds_db_instance_metric_read_iops_hourlyaws_rds_db_instance_metric_write_iopsaws_rds_db_instance_metric_write_iops_dailyaws_rds_db_instance_metric_write_iops_hourlyaws_rds_db_option_groupaws_rds_db_parameter_groupaws_rds_db_proxyaws_rds_db_recommendationaws_rds_db_snapshotaws_rds_db_subnet_groupaws_rds_reserved_db_instanceaws_redshift_clusteraws_redshift_cluster_metric_cpu_utilization_dailyaws_redshift_event_subscriptionaws_redshift_parameter_groupaws_redshift_snapshotaws_redshift_subnet_groupaws_redshiftserverless_namespaceaws_redshiftserverless_workgroupaws_regionaws_resource_explorer_indexaws_resource_explorer_searchaws_resource_explorer_supported_resource_typeaws_route53_domainaws_route53_health_checkaws_route53_query_logaws_route53_recordaws_route53_resolver_endpointaws_route53_resolver_query_log_configaws_route53_resolver_ruleaws_route53_traffic_policyaws_route53_traffic_policy_instanceaws_route53_vpc_association_authorizationaws_route53_zoneaws_s3_access_pointaws_s3_account_settingsaws_s3_bucketaws_s3_bucket_intelligent_tiering_configurationaws_s3_multi_region_access_pointaws_s3_objectaws_s3_object_versionaws_sagemaker_appaws_sagemaker_domainaws_sagemaker_endpoint_configurationaws_sagemaker_modelaws_sagemaker_notebook_instanceaws_sagemaker_training_jobaws_secretsmanager_secretaws_securityhub_action_targetaws_securityhub_enabled_product_subscriptionaws_securityhub_findingaws_securityhub_finding_aggregatoraws_securityhub_hubaws_securityhub_insightaws_securityhub_memberaws_securityhub_productaws_securityhub_standards_controlaws_securityhub_standards_subscriptionaws_securitylake_data_lakeaws_securitylake_subscriberaws_serverlessapplicationrepository_applicationaws_service_discovery_instanceaws_service_discovery_namespaceaws_service_discovery_serviceaws_servicecatalog_portfolioaws_servicecatalog_productaws_servicecatalog_provisioned_productaws_servicequotas_default_service_quotaaws_servicequotas_serviceaws_servicequotas_service_quotaaws_servicequotas_service_quota_change_requestaws_ses_domain_identityaws_ses_email_identityaws_sfn_state_machineaws_sfn_state_machine_executionaws_sfn_state_machine_execution_historyaws_simspaceweaver_simulationaws_sns_subscriptionaws_sns_topicaws_sns_topic_subscriptionaws_sqs_queueaws_ssm_associationaws_ssm_documentaws_ssm_document_permissionaws_ssm_inventoryaws_ssm_inventory_entryaws_ssm_maintenance_windowaws_ssm_managed_instanceaws_ssm_managed_instance_complianceaws_ssm_managed_instance_patch_stateaws_ssm_parameteraws_ssm_patch_baselineaws_ssmincidents_response_planaws_ssoadmin_account_assignmentaws_ssoadmin_instanceaws_ssoadmin_managed_policy_attachmentaws_ssoadmin_permission_setaws_sts_caller_identityaws_tagging_resourceaws_timestreamwrite_databaseaws_timestreamwrite_tableaws_transfer_serveraws_transfer_useraws_trusted_advisor_check_summaryaws_vpcaws_vpc_customer_gatewayaws_vpc_dhcp_optionsaws_vpc_egress_only_internet_gatewayaws_vpc_eipaws_vpc_eip_address_transferaws_vpc_endpointaws_vpc_endpoint_serviceaws_vpc_flow_logaws_vpc_flow_log_eventaws_vpc_internet_gatewayaws_vpc_nat_gatewayaws_vpc_nat_gateway_metric_bytes_out_to_destinationaws_vpc_network_aclaws_vpc_peering_connectionaws_vpc_routeaws_vpc_route_tableaws_vpc_security_groupaws_vpc_security_group_ruleaws_vpc_subnetaws_vpc_verified_access_endpointaws_vpc_verified_access_groupaws_vpc_verified_access_instanceaws_vpc_verified_access_trust_provideraws_vpc_vpn_connectionaws_vpc_vpn_gatewayaws_waf_rate_based_ruleaws_waf_ruleaws_waf_rule_groupaws_waf_web_aclaws_wafregional_ruleaws_wafregional_rule_groupaws_wafregional_web_aclaws_wafv2_ip_setaws_wafv2_regex_pattern_setaws_wafv2_rule_groupaws_wafv2_web_aclaws_wellarchitected_answeraws_wellarchitected_check_detailaws_wellarchitected_check_summaryaws_wellarchitected_consolidated_reportaws_wellarchitected_lensaws_wellarchitected_lens_reviewaws_wellarchitected_lens_review_improvementaws_wellarchitected_lens_review_reportaws_wellarchitected_lens_shareaws_wellarchitected_milestoneaws_wellarchitected_notificationaws_wellarchitected_share_invitationaws_wellarchitected_workloadaws_wellarchitected_workload_shareaws_workspaces_directoryaws_workspaces_workspace
Table: aws_iam_user - Query AWS IAM User using SQL
The AWS Identity and Access Management (IAM) User is a resource that represents an individual or application that interacts with AWS. It contains the name, credentials, and permissions to access AWS resources. IAM Users enable the security best practice of granting least privilege, which means granting only the permissions required to perform a task.
Table Usage Guide
The aws_iam_user table in Steampipe provides you with information about IAM users within AWS Identity and Access Management (IAM). This table allows you, as a DevOps engineer, to query user-specific details, including user ID, name, path, and creation date. You can utilize this table to gather insights on user permissions, access keys, and associated metadata. The schema outlines the various attributes of the IAM user, including the user ARN, creation date, attached policies, and associated tags for you.
Examples
Basic IAM user info
Discover the segments that provide details about users in your AWS IAM, including when they were created and when they last used their password. This can be useful for auditing user activity and maintaining security compliance.
select name, user_id, path, create_date, password_last_usedfrom aws_iam_user;select name, user_id, path, create_date, password_last_usedfrom aws_iam_user;Groups details to which the IAM user belongs
Determine the affiliations of individual IAM users by identifying the groups they are a part of, providing insights into user access and permissions management within your AWS environment.
select name as user_name, iam_group ->> 'GroupName' as group_name, iam_group ->> 'GroupId' as group_id, iam_group ->> 'CreateDate' as create_datefrom aws_iam_user cross join jsonb_array_elements(groups) as iam_group;select name as user_name, json_extract(iam_group, '$.GroupName') as group_name, json_extract(iam_group, '$.GroupId') as group_id, json_extract(iam_group, '$.CreateDate') as create_datefrom aws_iam_user, json_each(groups) as iam_group;List all the users having Administrator access
This query helps identify users who have been granted administrator access in an AWS environment. It's useful for auditing user permissions and ensuring only authorized individuals have such high-level access.
select name as user_name, split_part(attachments, '/', 2) as attached_policiesfrom aws_iam_user cross join jsonb_array_elements_text(attached_policy_arns) as attachmentswhere split_part(attachments, '/', 2) = 'AdministratorAccess';select name as user_name, json_extract(attachments, '$[1]') as attached_policiesfrom aws_iam_user cross join json_each(attached_policy_arns) as attachmentswhere json_extract(attachments, '$[1]') = 'AdministratorAccess';List all the users for whom MFA is not enabled
Discover the users who have not enabled multi-factor authentication, allowing you to identify potential security risks and ensure all accounts are adequately protected.
select name, user_id, mfa_enabledfrom aws_iam_userwhere not mfa_enabled;select name, user_id, mfa_enabledfrom aws_iam_userwhere mfa_enabled = 0;List the policies attached to each IAM user
Determine the areas in which specific access controls are applied by identifying the policies attached to each user in your AWS IAM service. This can help ensure appropriate security measures are in place and assist in auditing user access rights.
select name as user_name, split_part(attachments, '/', 2) as attached_policiesfrom aws_iam_user cross join jsonb_array_elements_text(attached_policy_arns) as attachments;select name as user_name, json_extract(attachments, '$[1]') as attached_policiesfrom aws_iam_user, json_each(attached_policy_arns) as attachments;Find users that have inline policies
Identify instances where AWS IAM users have inline policies attached to their accounts. This is useful for security audits, as inline policies can grant or deny permissions to AWS services and resources.
select name as user_name, inline_policiesfrom aws_iam_userwhere inline_policies is not null;select name as user_name, inline_policiesfrom aws_iam_userwhere inline_policies is not null;Query examples
- iam_all_policies_for_user
- iam_boundary_policy_for_user
- iam_groups_for_iam_user
- iam_groups_for_user
- iam_policies_for_iam_user
- iam_policy_tags
- iam_user_by_creation_month
- iam_user_by_path
- iam_user_console_password
- iam_user_count
- iam_user_direct_attached_policy_count_for_user
- iam_user_excessive_permissions_count
- iam_user_excessive_permissions_report
- iam_user_inline_policy_count_for_user
- iam_user_input
- iam_user_manage_policies_sankey
- iam_user_mfa_devices
- iam_user_mfa_for_user
- iam_user_mfa_table
- iam_user_no_boundary_count
- iam_user_no_mfa_count
- iam_user_overview
- iam_user_tags
- iam_user_with_excessive_permissions_count
- iam_users_by_account
- iam_users_by_boundary_policy
- iam_users_for_iam_policy
- iam_users_with_direct_attached_policy
- iam_users_with_direct_attached_policy_count
- iam_users_with_inline_policy
- iam_users_with_inline_policy_count
Control examples
- All Controls > IAM > Ensure access to AWSCloudShellFullAccess is restricted
- All Controls > IAM > Ensure IAM policies are attached only to groups or roles
- All Controls > IAM > Ensure there is only one active access key available for any single IAM user
- All Controls > IAM > IAM administrator users should have MFA enabled
- All Controls > IAM > IAM inline policy should not have administrative privileges
- All Controls > IAM > IAM roles should not have any assume role policies attached
- All Controls > IAM > IAM users should have hardware MFA enabled
- All Controls > KMS > KMS key decryption should be restricted in IAM inline policy
- AWS Foundational Security Best Practices > IAM > 2 IAM users should not have IAM policies attached
- AWS Foundational Security Best Practices > KMS > 2 IAM principals should not have IAM inline policies that allow decryption actions on all KMS keys
- CIS v1.2.0 > 1 Identity and Access Management > 1.16 Ensure IAM policies are attached only to groups or roles
- CIS v1.3.0 > 1 Identity and Access Management > 1.13 Ensure there is only one active access key available for any single IAM user
- CIS v1.3.0 > 1 Identity and Access Management > 1.15 Ensure IAM Users Receive Permissions Only Through Groups
- CIS v1.4.0 > 1 Identity and Access Management > 1.13 Ensure there is only one active access key available for any single IAM user
- CIS v1.4.0 > 1 Identity and Access Management > 1.15 Ensure IAM Users Receive Permissions Only Through Groups
- CIS v1.5.0 > 1 Identity and Access Management > 1.13 Ensure there is only one active access key available for any single IAM user
- CIS v1.5.0 > 1 Identity and Access Management > 1.15 Ensure IAM Users Receive Permissions Only Through Groups
- CIS v2.0.0 > 1 Identity and Access Management > 1.13 Ensure there is only one active access key available for any single IAM user
- CIS v2.0.0 > 1 Identity and Access Management > 1.15 Ensure IAM Users Receive Permissions Only Through Groups
- CIS v2.0.0 > 1 Identity and Access Management > 1.22 Ensure access to AWSCloudShellFullAccess is restricted
- CIS v3.0.0 > 1 Identity and Access Management > 1.13 Ensure there is only one active access key available for any single IAM user
- CIS v3.0.0 > 1 Identity and Access Management > 1.15 Ensure IAM Users Receive Permissions Only Through Groups
- CIS v3.0.0 > 1 Identity and Access Management > 1.22 Ensure access to AWSCloudShellFullAccess is restricted
- Ensure inline policies attached to IAM users, roles, and groups should not allow blocked actions on KMS keys
- IAM groups, users, and roles should not have any inline policies
- IAM policy should be in use
- IAM user should not have any inline or attached policies
- IAM users should be in at least one group
Schema for aws_iam_user
| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form. | |
| account_id | text | =, !=, ~~, ~~*, !~~, !~~* | The AWS Account ID in which the resource is located. |
| akas | jsonb | Array of globally unique identifier strings (also known as) for the resource. | |
| arn | text | = | The Amazon Resource Name (ARN) that identifies the user. |
| attached_policy_arns | jsonb | A list of managed policies attached to the user. | |
| create_date | timestamp with time zone | The date and time, when the user was created. | |
| groups | jsonb | A list of groups attached to the user. | |
| inline_policies | jsonb | A list of policy documents that are embedded as inline policies for the user. | |
| inline_policies_std | jsonb | Inline policies in canonical form for the user. | |
| login_profile | jsonb | Contains the user name and password create date for a user. | |
| mfa_devices | jsonb | A list of MFA devices attached to the user. | |
| mfa_enabled | boolean | The MFA status of the user. | |
| name | text | = | The friendly name identifying the user. |
| partition | text | The AWS partition in which the resource is located (aws, aws-cn, or aws-us-gov). | |
| password_last_used | timestamp with time zone | The date and time, when the user's password was last used to sign in to an AWS website. | |
| path | text | = | The path to the user. |
| permissions_boundary_arn | text | The ARN of the policy used to set the permissions boundary for the user. | |
| permissions_boundary_type | text | The permissions boundary usage type that indicates what type of IAM resource is used as the permissions boundary for an entity. This data type can only have a value of Policy. | |
| region | text | The AWS Region in which the resource is located. | |
| sp_connection_name | text | =, !=, ~~, ~~*, !~~, !~~* | Steampipe connection name. |
| sp_ctx | jsonb | Steampipe context in JSON form. | |
| tags | jsonb | A map of tags for the resource. | |
| tags_src | jsonb | A list of tags that are attached to the user. | |
| title | text | Title of the resource. | |
| user_id | text | The stable and unique string identifying the user. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- awsYou can pass the configuration to the command with the --config argument:
steampipe_export_aws --config '<your_config>' aws_iam_user