Can I list all users in a vault/group using the CLI?

bjallen
bjallen
Community Member

For audit compliance, we need to do quarterly access review of our 1password vaults. I'm trying to find a way to get a system-generated list of users in each of our vaults that have audit-worthy items.

I'd like to be able to request all users that have access to view and modify items in each vault. I don't see a way to do that in the CLI, but perhaps I'm missing something.


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:List users in a vault/group using the CLI

Comments

  • Hi @bjallen,

    You're not missing something, this is something that's currently not possible with our CLI tool. Being able to get group memberships and vault access is something that I think would be great for us to have though.

    Rick

  • jbrownEP
    jbrownEP
    Community Member

    +1 this would be enormously helpful for auditing

  • AGAlumB
    AGAlumB
    1Password Alumni

    Thanks for letting us know it's a feature you'd like us to add. :)

  • kiranb
    kiranb
    Community Member

    I'd also love to have this! Being able to audit group and vault membership programmatically would be super helpful.

  • Noted! Thanks for the input.

  • taiidani
    taiidani
    Community Member

    Being able to get group memberships and vault access is something that I think would be great for us to have though.

    Adding to the list of people wanting this. I've been working to help get the (unofficial) 1Password Terraform provider up and running as my company uses Terraform to provision users and groups in our various SaaS services. We've added the ability to auto-provision groups and auto-provision vaults, but adding those groups to the vaults has been beyond "op"s capabilities so far. Would love to complete the set!

  • cohix
    cohix
    1Password Alumni

    @taiidani that is super cool! Do you have a blog post or something about using Terraform for that? I'd love to learn more.

  • rkistner
    rkistner
    Community Member

    Is there any progress on this? Being able to manage users in groups is my main use case for the CLI. The ability to add and remove users in a group already gets me most of the way, but listing users is the last small bit I need to confirm that it has been done correctly.

  • cohix
    cohix
    1Password Alumni

    @rkistner this is certainly something we're working towards, hopefully there will be more to share in the not-distant future.

  • felix_1p
    felix_1p
    1Password Alumni

    This has been added in v0.7! You can now do

    op list users --vault=<vault>
    

    and

    op list users --group=<group>
    
This discussion has been closed.