By using AWS re:Post, you agree to the Terms of Use

Is there a way to pull a list of users who have access to each folder and file under a parent folder?

0

My team works with many 3rd parties and uses Workdocs to share artifacts with them. We are currently in the process of auditing our system to ensure that we are unsharing artifacts once each contract is up/if an employee leaves the 3rd party. The issue we're facing is the number of artifacts we own (2.69 TB) making it extremely tedious and unsustainable to see who has access to each folder/file.

Is there a way to pull a list of users who have access to each folder and file under a parent folder? We have up to 12 layers of sub-folders under our parent folder, so clicking into each folder and file to see who has access to what would take weeks.

1 Answers
0

Hello there, 
you mention that you would like to pull a list of users who have access to your Workdocs. It seems you may only pull all users from your Workdocs.

One option would be to download the user lists and match users against expired subscriptions that you would like to invoke: to download the list [1]

You will have to sign into Amazon WorkDocs as an administrator:

Under Admin, choose Open admin control panel.
Under Manage Users, choose Download user.
For Download user, choose one of the following options to export a list of users as a .json file to your desktop:
* All users
* Guest user
* WS user
* User
* Power user
* Admin

WorkDocs saves the file to one of the following locations:

  • Windows – Downloads/WorkDocsDownloads. folder
  • macOS – hard drive/users/username/WorkDocsDownloads/folder

If you have a large number of users a full look up could result in an error deu to the underlying limitations of the service . If that is the case you would have to run a script on PowerShell, it would query each user one at a time[2]:

ForEach ($user in Get-Content c:\Scripts\users.txt) 

{

Write-Host $user 

Get-WDUserList -OrganizationId d-90673eb19d -Query $user 

Start-Sleep -m 500 

}

(Include usernames in the user.txt, script describes one user at a time).

You may also use the CLI to describe users or filter the results , based on status or organisation for example . ( To try filter out organisations that no longer have contracts with you, assuming you have configured users per organisation) By default, Amazon WorkDocs returns the first 24 active or pending users. If there are more results, the response includes a marker that you can use to request the next set of results[3]. Command example :

aws workdocs describe-users --organization-id d-926726012c

References:

[1] https://docs.aws.amazon.com/workdocs/latest/adminguide/download-user.html

[2] https://docs.aws.amazon.com/powershell/latest/reference/items/Get-WDUserList.html

[3] https://docs.aws.amazon.com/cli/latest/reference/workdocs/describe-users.html

answered a month ago
  • Thank you for your quick response, Antonio! I appreciate the helpful advice. Is there a way to pull any information on folders? It would be very useful if we could see a list of folders under our Workdocs instance with the any of the following info for each: Date the folder was created, Parent folder, Child folders, users who have access, the role of each user (owner, contributor, etc), and the date each user was granted access.

  • also--we don't currently configure users by organization but I love that idea-- how would I do so?

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions