AWS IAM Actions

• AWS Start IAM Policy Generation : Given a region, a CloudTrail ARN (where the logs are being recorded), a reference IAM ARN (whose usage we will parse), and a Service role, this will begin the generation of a IAM policy. The output is a String of the generation Id.
• AWS Attach New Policy to User: AWS Attach New Policy to User
• AWS Create IAM Policy: Given an AWS policy (as a string), and the name for the policy, this will create an IAM policy.
• AWS Create Access Key: Create a new Access Key for the User
• Create New IAM User: Create New IAM User
• Create Login profile for IAM User: Create Login profile for IAM User
• AWS Delete Access Key: Delete an Access Key for a User
• AWS Get Generated Policy: Given a Region and the ID of a policy generation job, this Action will return the policy (once it has been completed).
• AWS Get IAM Users with Old Access Keys: This Lego collects the access keys that have never been used or the access keys that have been used but are older than the threshold.
• AWS List Access Key: List all Access Keys for the User
• AWS List All IAM Users: List all AWS IAM Users
• AWS List Attached User Policies: AWS List Attached User Policies
• AWS List Expiring Access Keys: List Expiring IAM User Access Keys
• AWS List IAM Users With Old Passwords: This Lego filter gets all the IAM users' login profiles, and if the login profile is available, checks for the last password change if the password is greater than the given threshold, and lists those users.
• AWS Update Access Key: Update status of the Access Key