Why doesn't IAM show user principal IDs nor allow for searching?


From GuardDuty we get notifications about modifications to S3 buckets in the format

  1. Why doesn't it report the user ARN?
  2. Why does IAM not show each user's (21-character) principal ID?
  3. Why does IAM not make principal ID searchable?
  4. Why does AWS CLI iam get-user not implement get by principal ID?
  5. Why does it have to be iam list-users to pull every user to manually check?
1 Answer

There have been security findings that have indicated that the AWS account ID is sensitive. It is therefore imperative, from a security standpoint, that the account ID be protected. Most of the things that you appear to desire would expose the account ID.

answered a month ago
  • So executing aws iam list-users to get everybody's principal ID is not sensitive?
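
One way to do the lookup the question describes, as an added example that is not part of the original thread: index a saved `aws iam list-users --output json` result by `UserId` and resolve a principal ID against it. The sample users, account number and function names are constructed for illustration; the ID prefixes are the ones documented in the IAM User Guide.

```python
import json

# Unique-ID prefixes documented in the IAM User Guide ("IAM identifiers").
PREFIX_KIND = {
    "AIDA": "IAM user",
    "AROA": "IAM role",
    "AGPA": "IAM user group",
    "AIPA": "instance profile",
    "AKIA": "access key",
    "ASIA": "temporary (STS) access key",
}

# Constructed sample of `aws iam list-users --output json`.
# User names, 21-character IDs and the account number are made up.
SAMPLE_LIST_USERS = json.loads("""
{"Users": [
  {"UserName": "alice", "UserId": "AIDAEXAMPLEALICE00001",
   "Arn": "arn:aws:iam::111122223333:user/alice"},
  {"UserName": "ci-deploy", "UserId": "AIDAEXAMPLECIDEPLOY01",
   "Arn": "arn:aws:iam::111122223333:user/svc/ci-deploy"}
]}
""")


def build_index(list_users_doc):
    """Map UserId -> user record from a parsed list-users document."""
    return {u["UserId"]: u for u in list_users_doc.get("Users", [])}


def resolve_principal(principal_id, index):
    """Return (kind, arn_or_None, session_or_None) for a principal ID.

    The ARN is None when the ID is not an IAM user ID, or when no current
    user carries it (for example, the user has since been deleted).
    """
    # Assumed-role principals appear as "<role-unique-id>:<session-name>".
    unique_id, _, session = principal_id.strip().partition(":")
    kind = PREFIX_KIND.get(unique_id[:4].upper(), "unknown")
    user = index.get(unique_id) if kind == "IAM user" else None
    return kind, (user["Arn"] if user else None), (session or None)


if __name__ == "__main__":
    idx = build_index(SAMPLE_LIST_USERS)
    for pid in ("AIDAEXAMPLECIDEPLOY01", "AROAEXAMPLEROLE000001:session-1"):
        print(pid, "->", resolve_principal(pid, idx))
```

For a one-off check without a script, the AWS CLI's client-side filter does the same match: `aws iam list-users --query "Users[?UserId=='<principal-id>']"`.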
