Javi

AWS cli: create users from file in identity center and add to students group

Nov 20th, 2025
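#!/bin/bash

# Create AWS IAM Identity Center users from a roster file (one e-mail address
# per line) and add each new user to the "students" group.
#
# Usage: ./create_users.sh <emails_file>
#
# Security notes:
#   * Membership of the "students" group carries whatever account and
#     permission-set assignments that group holds, so the roster file is an
#     access-control input: take it from a trusted source and review it
#     before running this script.
#   * Every line is validated before it reaches the AWS CLI. The --name and
#     --emails options use the CLI shorthand syntax (Key=value,Key=value), so
#     a stray comma, quote or '=' in a roster line would otherwise change how
#     the argument is parsed.
#
# Requirements: bash, AWS CLI v2 with credentials for sso-admin and
# identitystore, and GNU sed (the \u case conversion is a GNU extension).
#
# Exit status: 0 when every roster line was processed successfully; 1 on bad
# arguments, a failed lookup, or when at least one roster line failed.

set -euo pipefail

# Print an error to stderr and stop.
die() {
  printf 'Error: %s\n' "$*" >&2
  exit 1
}

# Upper-case the first character of every word in $1 (javi -> Javi).
capitalize_words() {
  printf '%s\n' "$1" | sed 's/\b\(.\)/\u\1/g'
}

# Check if filename is provided
if [[ $# -eq 0 ]]; then
  echo "Usage: $0 <emails_file>" >&2
  echo "Example: $0 emails.txt" >&2
  exit 1
fi

EMAILS_FILE="$1"

# Check if file exists
[[ -f "$EMAILS_FILE" ]] || die "File '$EMAILS_FILE' not found!"

# Conservative address syntax: the local part starts and ends with an
# alphanumeric character, and no character that is special to the CLI
# shorthand syntax (comma, '=', quotes, whitespace) is accepted anywhere.
readonly EMAIL_REGEX='^[A-Za-z0-9]([A-Za-z0-9._%+-]*[A-Za-z0-9])?@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+$'

# Get the Identity Store ID
echo "Fetching Identity Store ID..."
IDENTITY_STORE_ID=$(aws sso-admin list-instances \
  --query 'Instances[0].IdentityStoreId' \
  --output text) || die "Could not retrieve Identity Store ID"

# With --output text an empty query result is printed as the literal "None".
if [[ -z "$IDENTITY_STORE_ID" || "$IDENTITY_STORE_ID" == "None" ]]; then
  die "Could not retrieve Identity Store ID"
fi

echo "Identity Store ID: $IDENTITY_STORE_ID"

# Find the "students" group ID
echo "Finding 'students' group..."
GROUP_ID=$(aws identitystore list-groups \
  --identity-store-id "$IDENTITY_STORE_ID" \
  --filters AttributePath=DisplayName,AttributeValue=students \
  --query 'Groups[0].GroupId' \
  --output text) || die "Could not list groups in the identity store"

if [[ -z "$GROUP_ID" || "$GROUP_ID" == "None" ]]; then
  die "'students' group not found!"
fi

echo "Students group ID: $GROUP_ID"
echo ""
echo "Starting user creation..."
echo "=========================="

failures=0

# Read the roster on file descriptor 3 so that nothing run inside the loop can
# consume roster lines from stdin. The "|| [[ -n ... ]]" keeps a final line
# that has no trailing newline.
while IFS= read -r -u 3 line || [[ -n "$line" ]]; do
  # Trim leading and trailing whitespace, including the CR of CRLF files.
  # Done with parameter expansion: piping through xargs would also interpret
  # quotes and backslashes in the line.
  email="${line#"${line%%[![:space:]]*}"}"
  email="${email%"${email##*[![:space:]]}"}"

  # Skip empty and whitespace-only lines
  [[ -n "$email" ]] || continue

  echo "Processing: $email"

  if [[ ! "$email" =~ $EMAIL_REGEX ]]; then
    echo "  ✗ Skipped: not a valid e-mail address" >&2
    failures=$((failures + 1))
    echo ""
    continue
  fi

  # The user name is the part before '@'. Addresses that share a local part
  # across domains therefore map to the same user name; the second create-user
  # call is expected to fail and is reported below.
  username=${email%%@*}

  # Split username into first and last name
  # If username contains a dot, split at the first dot (e.g., javi.moreno)
  if [[ "$username" == *.* ]]; then
    FIRST_NAME=$(capitalize_words "${username%%.*}")
    LAST_NAME=$(capitalize_words "${username#*.}")
  else
    # If no dot, use the whole username as first name and "User" as last name
    FIRST_NAME=$(capitalize_words "$username")
    LAST_NAME="User"
  fi

  # Create user. The call sits inside the `if` condition because, under
  # `set -e`, a failing assignment followed by a separate `$?` test would end
  # the whole script at the first roster line that fails. stderr is captured
  # together with stdout so the CLI error text can be shown on failure.
  echo "  Creating user: $FIRST_NAME $LAST_NAME ($email)"
  if USER_ID=$(aws identitystore create-user \
    --identity-store-id "$IDENTITY_STORE_ID" \
    --user-name "$username" \
    --display-name "$FIRST_NAME $LAST_NAME" \
    --name Formatted="$FIRST_NAME $LAST_NAME",FamilyName="$LAST_NAME",GivenName="$FIRST_NAME" \
    --emails Value="$email",Type=work,Primary=true \
    --query 'UserId' \
    --output text 2>&1) &&
    [[ -n "$USER_ID" && "$USER_ID" != "None" ]]; then
    echo "  ✓ User created with ID: $USER_ID"

    # Add user to students group; keep only stderr for the failure report.
    echo "  Adding user to 'students' group..."
    if membership_error=$(aws identitystore create-group-membership \
      --identity-store-id "$IDENTITY_STORE_ID" \
      --group-id "$GROUP_ID" \
      --member-id UserId="$USER_ID" \
      --output text 2>&1 >/dev/null); then
      echo "  ✓ User added to 'students' group"
    else
      # The user now exists without the group membership; report it so the
      # account can be fixed or removed by hand.
      echo "  ✗ Failed to add user to group: $membership_error" >&2
      failures=$((failures + 1))
    fi
  else
    echo "  ✗ Failed to create user: $USER_ID" >&2
    failures=$((failures + 1))
  fi

  echo ""
done 3< "$EMAILS_FILE"

echo "=========================="
if [[ "$failures" -gt 0 ]]; then
  echo "User creation completed with $failures failure(s)." >&2
  exit 1
fi
echo "User creation completed!"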