{"id":13821157,"url":"https://github.com/jsmartin/iamsync","last_synced_at":"2026-01-23T01:06:06.165Z","repository":{"id":3671027,"uuid":"4740172","full_name":"jsmartin/iamsync","owner":"jsmartin","description":"copies IAM users, groups, and policies from one AWS account to another","archived":false,"fork":false,"pushed_at":"2012-06-21T16:01:03.000Z","size":112,"stargazers_count":5,"open_issues_count":0,"forks_count":3,"subscribers_count":4,"default_branch":"master","last_synced_at":"2024-11-19T21:35:58.524Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/jsmartin.png","metadata":{"files":{"readme":"README","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2012-06-21T14:34:16.000Z","updated_at":"2021-12-04T02:34:12.000Z","dependencies_parsed_at":"2022-08-19T01:00:20.730Z","dependency_job_id":null,"html_url":"https://github.com/jsmartin/iamsync","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jsmartin%2Fiamsync","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jsmartin%2Fiamsync/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jsmartin%2Fiamsync/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/jsmartin%2Fiamsync/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/jsmartin","download_url":"https://codeload.github.com/jsmartin/iamsync/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254530576,"owners_count":22086640,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-04T08:01:16.489Z","updated_at":"2026-01-23T01:06:06.112Z","avatar_url":"https://github.com/jsmartin.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"iamsync is a utility to copy IAM users, groups, and policies from one AWS \naccount to another.  This is particularly useful if you have separate\nAWS accounts for dev, qa, production and want to mirror the IAM setup.\n\nRequirements:\n\nYou need 2 AWS accounts (obviously)\nYou need to create a IAM user on each of these accounts that has enough\nprivledges to list users on the source, and list/create users, groups, and \npolicies on the destination.\nYou need to create a configuration file that specifies the credentials\nfor both accounts (see config).\n\n\nUsage:\n\niamsync.py -h\nusage: iamsync.py [-h] [-c my_config_file]\n                  [-g office_drones [office_drones ...]] [--group-policies]\n                  [-r] [-s foo bar bibam bop [foo bar bibam bop ...]]\n                  [-u jdoe [jdoe ...]] [--user-policies]\n\nSyncs IAM resources from one account to another.\n\noptional arguments:\n  -h, --help            show this help message and exit\n  -c my_config_file, --config-file my_config_file\n                        config file containing source and destination access\n                        keys\n  -g office_drones [office_drones ...], --groups office_drones [office_drones ...]\n                        space separated list of groups\n  --group-policies      copy policies with group\n  -r, --recursive       recursively copy users with group\n  -s foo bar bibam bop [foo bar bibam bop ...], --substitute foo bar bibam bop [foo bar bibam bop ...]\n                        simple find and replace for arns injson policy in case\n                        you want to change a s3 target when copying policy\n  -u jdoe [jdoe ...], --users jdoe [jdoe ...]\n                        space separated list of users\n  --user-policies       copy policies with user\n  \n  \n  Example usage:\n \nLet's say you wanted to copy a group called \"build_fetchers\", the policies associated with that group,\nthe users associated with that group, and the user policies associated with those users:\n\niamsync.py -r -g build_fetchers --group-policies --user-policies \n \nLet's say you want to do all the same things as above and:\n\nAdditionally, let's say you have a bucket name \"mycompany.dev\" (your source account) and you have a policy\nthat addresses it by name. In your prod account you have a bucket called \"mycompany.prod\".\nIn your dev account the bucket \"mycompany.dev\" is referred to by name in the ARN for the policy associated\nwith group build_fetchers and you want to switch it to \"mycompany.prod\" to match the account you are \ncopying it to.\n  \niamsync.py -r  -g build_fetchers --group-policies --user-policies --substitute \\\n\tmycompany.dev mycompany.prod \n  \n  \n\nTODO:\n\nCome up with better synching algorithm. \n\nThis probably won't work well if you have tons of accounts -- There needs to be some work done in handling\npagination with huge result sets.\n\nGenerate CloudFormation template based on IAM resources\n\n  \n  \n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjsmartin%2Fiamsync","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjsmartin%2Fiamsync","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjsmartin%2Fiamsync/lists"}