Delete-all-Users-things -ThisUserList $Usersfunction Delete-all-Users-things{p

1. Delete-all-Users-things -ThisUserList $Users
2. function Delete-all-Users-things{
3. param([string[]] $ThisUserList)
4. ForEach($name in $ThisUserList) {
5.  
6. # find any groups and remove user from them
7. $groups = Get-IAMGroupForUser -UserName $name
8. foreach ($group in $groups) { Remove-IAMUserFromGroup -GroupName $group.GroupName -UserName $name -Force }
9.  
10. # find any inline policies and delete them
11. $inlinepols = Get-IAMUserPolicies -UserName $name
12. foreach ($pol in $inlinepols) { Remove-IAMUserPolicy -PolicyName $pol -UserName $name -Force}
13.  
14. # find any managed polices and detach them
15. $managedpols = Get-IAMAttachedUserPolicies -UserName $name
16. foreach ($pol in $managedpols) { Unregister-IAMUserPolicy -PolicyArn $pol.PolicyArn -UserName $name }
17.  
18. # find any signing certificates and delete them
19. $certs = Get-IAMSigningCertificate -UserName $name
20. foreach ($cert in $certs) { Remove-IAMSigningCertificate -CertificateId $cert.CertificateId -UserName $name -Force }
21.  
22. # find any access keys and delete them
23. $keys = Get-IAMAccessKey -UserName $name
24. foreach ($key in $keys) { Remove-IAMAccessKey -AccessKeyId $key.AccessKeyId -UserName $name -Force }
25.  
26. # delete the user's login profile, if one exists - note: need to use try/catch to suppress not found error
27. try { $prof = Get-IAMLoginProfile -UserName bab -ea 0 } catch { out-null }
28. if ($prof) { Remove-IAMLoginProfile -UserName $name -Force }
29.  
30. # find any MFA device, detach it, and if virtual, delete it.
31. $mfa = Get-IAMMFADevice -UserName $name
32. if ($mfa) {
33. Disable-IAMMFADevice -SerialNumber $mfa.SerialNumber -UserName $name
34. if ($mfa.SerialNumber -like "arn:*") { Remove-IAMVirtualMFADevice -SerialNumber $mfa.SerialNumber }
35. }
36.  
37. # finally, remove the user
38. Remove-IAMUser -UserName $name -Force
39.  
40. }
41. }