My access is a CLI that allows authenticated users to query information about accounts, members, and roles from the Pearson LDAP.
The VPN must be connected in order to run this application. You must also configure the application with your LDAP credentials by running the configure command the first time you run the application.
The accounts command allows users to input a user's email and returns all the accounts under that email. With the -a or -d flag, users can also specify which accounts for the user they would like outputed.
The members command allows users to input either an AWS account number or the divvy cloud flag and returns all the roles and members under that role for that account. There is also an optional email parameter to list the users and their emails as well.
| Flag Name | Short | Type | Required? | Description | |-----------|-------|------|-----------|-------------| | --aws | -a | bool | No | Query AWS accounts | | --divvy| -d | bool | No | Query DivvyCloud roles | | --email | -e | string | No | Query info for a specific user given their email | | --config | | string | No | Used to specify a different credentials file besides the default config.yaml
| Flag Name | Short | Type | Required? | Description | |-----------|-------|------|-----------|-------------| | --aws | -a | string | No | Query Roles and Users associated with a specific AWS account | | --divvy| -d | bool | No | Query Roles and Users for DivvyCloud | | --email | -e | bool | No | Return a user's name and email | | --config | | string | No | Used to specify a different credentials file besides the default config.yaml
Use "[command] --help" for more information about a command.
If you are downloading this from the s3 bucket please follow these instructions
Make sure you’re on VPN Rename the file and make it executable ./myAccess Configure and input your peroot creds and take default value for ldap server ./myAccess -h will give you the options ./myaccess accounts --email useremail@pearson.com will show you what AD groups an individual user is part of. ./myaccess members --aws 273673589168 will show you a list of all the AD roles in the account and who has access