Can I list all users in a vault/group using the CLI?

For audit compliance, we need to do quarterly access review of our 1password vaults. I'm trying to find a way to get a system-generated list of users in each of our vaults that have audit-worthy items.

I'd like to be able to request all users that have access to view and modify items in each vault. I don't see a way to do that in the CLI, but perhaps I'm missing something.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:List users in a vault/group using the CLI

Comments

  • rickfillionrickfillion Junior Member

    Team Member

    Hi @bjallen,

    You're not missing something, this is something that's currently not possible with our CLI tool. Being able to get group memberships and vault access is something that I think would be great for us to have though.

    Rick

  • +1 this would be enormously helpful for auditing

  • brentybrenty

    Team Member

    Thanks for letting us know it's a feature you'd like us to add. :)

  • I'd also love to have this! Being able to audit group and vault membership programmatically would be super helpful.

  • graham_1Pgraham_1P

    Team Member

    Noted! Thanks for the input.

  • Being able to get group memberships and vault access is something that I think would be great for us to have though.

    Adding to the list of people wanting this. I've been working to help get the (unofficial) 1Password Terraform provider up and running as my company uses Terraform to provision users and groups in our various SaaS services. We've added the ability to auto-provision groups and auto-provision vaults, but adding those groups to the vaults has been beyond "op"s capabilities so far. Would love to complete the set!

  • cohixcohix

    Team Member

    @taiidani that is super cool! Do you have a blog post or something about using Terraform for that? I'd love to learn more.

  • Is there any progress on this? Being able to manage users in groups is my main use case for the CLI. The ability to add and remove users in a group already gets me most of the way, but listing users is the last small bit I need to confirm that it has been done correctly.

  • cohixcohix

    Team Member

    @rkistner this is certainly something we're working towards, hopefully there will be more to share in the not-distant future.

  • felix_1pfelix_1p

    Team Member

    This has been added in v0.7! You can now do

    op list users --vault=<vault>
    

    and

    op list users --group=<group>
    

Leave a Comment

BoldItalicStrikethroughOrdered listUnordered list
Emoji
Image
Align leftAlign centerAlign rightToggle HTML viewToggle full pageToggle lights
Drop image/file