How can I get UserId for AWS SSO Users using Boto3.
I wanted to use it to assign permissions to a user for a specific AWS account using the code below. However, this requires PrincipalId, which is some 16-20 digit number associated with each user and is called User ID in the AWS console.
You can read about it – here
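import boto3

# SSO Admin client; exposes create_account_assignment
client = boto3.client('sso-admin')

response = client.create_account_assignment(
    InstanceArn='string',
    TargetId='string',
    TargetType='AWS_ACCOUNT',
    PermissionSetArn='string',
    PrincipalType='USER',  # or 'GROUP'
    PrincipalId='string'
)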
2 Answers
If you have the UserName for the user you’d like to assign permissions for, you can programmatically use IAM to determine that user’s UserId:
You’ll also need to use the ‘identitystore’ to get user or group IDs. Try this from the docs –
Although I personally found that the above method didn’t work for me due to it not being available in my installed version of Boto3, so I did this instead which worked perfectly –
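The following is an added example, not code from either answer above or from the Boto3 documentation: one way to resolve a UserName to its Identity Store UserId and pass it as PrincipalId to create_account_assignment. It assumes a single IAM Identity Center instance in the account; the function names resolve_user_id and assign_user are hypothetical, and the lookup uses get_user_id where the installed Boto3 provides it and a filtered list_users otherwise.

```python
"""Resolve an AWS SSO (IAM Identity Center) UserName to a UserId and assign a permission set."""


def resolve_user_id(identitystore, identity_store_id, user_name):
    """Return the Identity Store UserId for exactly one user named user_name."""
    if hasattr(identitystore, "get_user_id"):
        # Newer Boto3 releases: direct lookup by a unique attribute.
        resp = identitystore.get_user_id(
            IdentityStoreId=identity_store_id,
            AlternateIdentifier={"UniqueAttribute": {
                "AttributePath": "userName", "AttributeValue": user_name}},
        )
        return resp["UserId"]
    # Older Boto3 releases: filtered list_users.
    resp = identitystore.list_users(
        IdentityStoreId=identity_store_id,
        Filters=[{"AttributePath": "UserName", "AttributeValue": user_name}],
    )
    users = resp["Users"]
    if len(users) != 1:
        # Never grant access on a missing or ambiguous match.
        raise LookupError(f"expected 1 user named {user_name!r}, found {len(users)}")
    return users[0]["UserId"]


def assign_user(sso_admin, identitystore, user_name, account_id, permission_set_arn):
    """Assign permission_set_arn on account_id to user_name; return the creation status."""
    # Assumption: the first listed instance is the one to use.
    instance = sso_admin.list_instances()["Instances"][0]
    user_id = resolve_user_id(identitystore, instance["IdentityStoreId"], user_name)
    resp = sso_admin.create_account_assignment(
        InstanceArn=instance["InstanceArn"],
        TargetId=account_id,
        TargetType="AWS_ACCOUNT",
        PermissionSetArn=permission_set_arn,
        PrincipalType="USER",
        PrincipalId=user_id,
    )
    # The assignment is created asynchronously; Status starts as IN_PROGRESS.
    return resp["AccountAssignmentCreationStatus"]
```

Call it as `assign_user(boto3.client("sso-admin"), boto3.client("identitystore"), user_name, account_id, permission_set_arn)` with credentials for the account that manages the Identity Center instance.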