Retrieves general account information, including IAM users, groups, roles, and policies, and their relationships to one another. These are meant to be non-destructive enumeration commands: they only retrieve information and do not modify resources.

Official AWS IAM CLI documentation: https://awscli.amazonaws.com/v2/documentation/api/latest/reference/iam/index.html

The "whoami" in AWS

aws sts get-caller-identity # Returns details about the IAM user or role whose credentials are used to call the operation. While not an IAM command (it's an STS command), this is often the first command used for IAM enumeration, which is why it's included here.

No IAM policy can block this call: the same caller information is returned even when access is denied, so no permissions are required for it. More on that here: https://awscli.amazonaws.com/v2/documentation/api/latest/reference/sts/get-caller-identity.html

1. Collect Information about IAM Users

2. Enumerate IAM Groups and Membership

3. Examine IAM Roles

4. Review IAM Policies

General IAM account information

aws iam get-account-authorization-details

# Gives a snapshot of the configuration of IAM permissions (users, groups, roles, and policies) and their relationships in your account.
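As an added example (not part of these notes or of the AWS CLI), a small Python script that takes the JSON snapshot returned by `aws iam get-account-authorization-details` and resolves each user's effective managed policies through group membership, flagging any inline policy (on the user or on one of their groups) that allows every action on every resource. The input is a constructed sample in the shape of the CLI response; only the keys the script reads are populated.

```python
import json

# Constructed sample in the shape of the `get-account-authorization-details` response.
# Only the keys this script reads are present; the real output carries many more.
SAMPLE_SNAPSHOT = json.dumps({
    "UserDetailList": [
        {"UserName": "alice", "GroupList": ["admins"],
         "AttachedManagedPolicies": [], "UserPolicyList": []},
        {"UserName": "bob", "GroupList": ["developers"],
         "AttachedManagedPolicies": [{"PolicyName": "ReadOnlyAccess",
                                      "PolicyArn": "arn:aws:iam::aws:policy/ReadOnlyAccess"}],
         "UserPolicyList": [{"PolicyName": "bob-inline", "PolicyDocument": {
             "Version": "2012-10-17",
             "Statement": [{"Effect": "Allow", "Action": "*", "Resource": "*"}]}}]}],
    "GroupDetailList": [
        {"GroupName": "admins", "GroupPolicyList": [],
         "AttachedManagedPolicies": [{"PolicyName": "AdministratorAccess",
                                      "PolicyArn": "arn:aws:iam::aws:policy/AdministratorAccess"}]},
        {"GroupName": "developers", "GroupPolicyList": [], "AttachedManagedPolicies": []}],
})


def _as_list(value):
    # Action/Resource may be a string or a list in a policy document; normalise to a list.
    return value if isinstance(value, list) else [value]


def is_full_admin_statement(stmt):
    # True when the statement allows every action on every resource.
    return (stmt.get("Effect") == "Allow"
            and "*" in _as_list(stmt.get("Action", []))
            and "*" in _as_list(stmt.get("Resource", [])))


def effective_user_policies(snapshot_json):
    # Per user: managed policy ARNs (direct or via groups) and inline policies granting full admin.
    snap = json.loads(snapshot_json)
    groups = {g["GroupName"]: g for g in snap.get("GroupDetailList", [])}
    result = {}
    for user in snap.get("UserDetailList", []):
        managed = {p["PolicyArn"] for p in user.get("AttachedManagedPolicies", [])}
        inline = list(user.get("UserPolicyList", []))
        for group in (groups.get(g, {}) for g in user.get("GroupList", [])):
            managed |= {p["PolicyArn"] for p in group.get("AttachedManagedPolicies", [])}
            inline += group.get("GroupPolicyList", [])
        admin = sorted(d["PolicyName"] for d in inline if any(
            is_full_admin_statement(s) for s in _as_list(d["PolicyDocument"].get("Statement", []))))
        result[user["UserName"]] = {"managed": sorted(managed), "inline_admin": admin}
    return result
```

On a real account, pipe the CLI output into `effective_user_policies` instead of the sample; the function does not touch the network and reads the snapshot only.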

User enumeration

aws iam list-users

aws iam list-service-specific-credentials

# Get service-specific credentials associated with the IAM user

aws iam get-user --user-name <username>