in internal/resources/providers/awslib/iam/user.go [46:118]
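// GetUsers returns one User resource per IAM user returned by listUsers,
// enriched with that user's row from the credential report. The root account
// user is appended when getRootAccountUser yields one. Users that have no
// entry in the credential report are skipped.
//
// A failure of listUsers or getCredentialReport aborts the call. Per-user
// lookups (MFA devices, inline and attached policies, password flag) are
// best-effort: failures are logged and the user is still emitted.
func (p Provider) GetUsers(ctx context.Context) ([]awslib.AwsResource, error) {
	apiUsers, err := p.listUsers(ctx)
	if err != nil {
		return nil, err
	}

	credentialReport, err := p.getCredentialReport(ctx)
	if err != nil {
		return nil, err
	}

	if rootUser := p.getRootAccountUser(credentialReport[rootAccount]); rootUser != nil {
		apiUsers = append(apiUsers, *rootUser)
	}

	users := make([]awslib.AwsResource, 0, len(apiUsers))
	for _, apiUser := range apiUsers {
		// aws.ToString maps a nil pointer to "", so both values are safe to use
		// below even when the API omitted them.
		username := aws.ToString(apiUser.UserName)
		arn := aws.ToString(apiUser.Arn)

		// Pass the nil-safe username: the previous *apiUser.UserName dereference
		// panicked on a user without a name, aborting the whole collection run.
		keys := p.getUserKeys(username, credentialReport)

		userAccount := credentialReport[username]
		if userAccount == nil {
			continue
		}

		// NOTE(review): on any of the failures below the user is still reported
		// with the affected field left at whatever the helper returned. Consumers
		// of these resources presumably cannot tell "lookup failed" apart from
		// "no MFA device / no policy" — confirm that downstream checks do not
		// treat a failed lookup as a clean result.
		mfaDevices, err := p.getMFADevices(ctx, apiUser, userAccount)
		if err != nil {
			p.log.Errorf("fail to list mfa device for user: %s, error: %v", username, err)
		}

		pwdEnabled, err := isPasswordEnabled(userAccount)
		if err != nil {
			p.log.Errorf("fail to parse PasswordEnabled for user: %s, error: %v", username, err)
			// An unparsable value is reported as "password disabled".
			pwdEnabled = false
		}

		// Policy listing errors are not logged for the root user; presumably the
		// root account is not an IAM user entity and these calls are expected to
		// fail for it — verify against listInlinePolicies/listAttachedPolicies.
		inlinePolicies, err := p.listInlinePolicies(ctx, apiUser.UserName)
		if err != nil && !isRootUser(username) {
			p.log.Errorf("fail to list inline policies for user: %s, error: %v", username, err)
		}

		attachedPolicies, err := p.listAttachedPolicies(ctx, apiUser.UserName)
		if err != nil && !isRootUser(username) {
			p.log.Errorf("fail to list attached policies for user: %s, error: %v", username, err)
		}

		users = append(users, User{
			AccessKeys:          keys,
			MFADevices:          mfaDevices,
			InlinePolicies:      inlinePolicies,
			AttachedPolicies:    attachedPolicies,
			Name:                username,
			LastAccess:          userAccount.PasswordLastUsed,
			Arn:                 arn,
			PasswordLastChanged: userAccount.PasswordLastChanged,
			PasswordEnabled:     pwdEnabled,
			MfaActive:           userAccount.MfaActive,
			UserId:              pointers.Deref(apiUser.UserId),
		})
	}

	return users, nil
}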