AWS Identity and Access Management
Using IAM (API Version 2010-05-08)
AWS Documentation » AWS Identity and Access Management » Using IAM » IAM Users and Groups » Listing IAM Users
« PreviousNext »
View the PDF for this guide.Go to the AWS Discussion Forum for this product.Go to the Kindle Store to download this guide in Kindle format.Did this page help you?  Yes | No |  Tell us about it...

Listing IAM Users

This section describes how to list the users in your AWS account or in a particular group.

AWS Management Console

To list all users in your AWS account

  • In the navigation pane, click Users. The console displays ten users per screen. To see more users, use the page controls on the right side of the console to advance to the next screen.

IAM Dashboard, Download Credentials

To list all users in a group

  • In the navigation pane, click Groups, and then select the group name. The console displays group details. If necessary, select the Users tab to display all users belonging to the group.

    IAM Dashboard, Download Credentials

Command Line Interface

The iam-userlistbypath command lets you list all the users in the AWS account or list all the users with a particular path prefix. The output lists the ARN for each resulting user.

The iam-userlistgroups command lists all the groups a particular user is in. The output lists the ARNs for the groups the user is in. For more information about ARNs and paths, see IAM Identifiers.

For more information about these commands, refer to the AWS Identity and Access Management Command Line Interface Reference.

API

The ListUsers action lets you list all the users in the AWS account, or list all the users with a particular path prefix. The response lists the path, ARN, and unique ID for each resulting user. For more information about paths, ARNs, and unique IDs, see IAM Identifiers.

If you want to get a list of users in a particular group, use GetGroup.

For more information about ListUsers and GetGroup, go to the AWS Identity and Access Management API Reference, or refer to your SDK's documentation.

Paginating the Results

Some of the API actions such as ListUsers and GetGroup let you paginate the results. Note that these actions limit the number of users returned in the response, so to get the full list of users, you must call the action multiple times.

To paginate the list results

  1. In the first request, use a MaxItems parameter specifying how many users you want in the response.

    https://iam.amazonaws.com/
?Action=ListUsers
&MaxItems=10
&Version=2010-05-08
&AUTHPARAMS

    The response includes up to MaxItems number of users (assuming there are at least that many total). If there are more users left beyond that maximum, the response includes an element called IsTruncated with a true value (otherwise, the value is false). The response also includes a Marker element with a long string as the value. 

    <ListUsersResponse>
   <ListUsersResult>
      <Users>      
         <member>
            ...
         </member>
         <member>
            ...
        </member>
      ...
      </Users>
      <IsTruncated>true</IsTruncated>
      <Marker>AAHu6JklqUhsapsw5lZ5​xq/bjVoYLSbLeLoLh​US4GlRQK2UYzMW40g​39qbmiJeRLnkYI4​WUSXIT​45gZEXAMPLE</Marker>
   </ListUsersResult>
   <ResponseMetadata>
      <RequestId>7a62c49f-347e-4fc4-9331-6e8eEXAMPLE</RequestId>
   </ResponseMetadata>
</ListUsersResponse>

  2. In the subsequent request to continue listing the users, again include the MaxItems request parameter, and a Marker request parameter set to that long Marker value from the response. 

    https://iam.amazonaws.com/
?Action=ListUsers
&MaxItems=10
&Marker=AAHu6JklqUhsapsw5lZ5​xq/bjVoYLSbLeLoLh​US4GlRQK2UYzMW40g​39qbmiJeRLnkYI4​WUSXIT​45gZEXAMPLE
&Version=2010-05-08
&AUTHPARAMS

    If there are still more users to be listed, the IsTruncated value in the response is true, and there's a new value for Marker for you to use in the next request to continue listing.

Document Conventions« PreviousNext »
Terms of UseDid this page help you?  Yes | No |  Tell us about it...