Using AWS and Typescript. Is there any way to enumerate a list of IAM users from an existing IAM group? I can use the

aws.iam.Group.get

method to get the group, but I'm not sure how to actually access the existing group membership.

You can't do it in Pulumi, it needs to the be AWS IAM SDK. The GetGroup command does it. https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/clients/client-iam/modules/getgroupresponse.html#users There's an import alias for it in Pulumi. So something list this might work (untested code):

(new aws.sdk.IAM()).getGroup((_, response) => {
          <http://pulumi.log.info|pulumi.log.info>(JSON.stringify(response.Users));
        });

Thanks @little-cartoon-10569. I found https://www.pulumi.com/docs/reference/pkg/aws/iam/getgroup/ in the AWS API spec. I wonder why there is both a 

get

 method which I tried above AND a 

getGroup

 method. When would I use only 

get

?

get

is a Pulumi object that loads a Pulumi group object. It isn't often useful, but occasionally you want to have a Pulumi object managed in one Project/stack, and used in a different one. This is the method that allows that.

Thank you for the explanation. Also, I didn't notice that

getGroup

returns a GetGroupResult. I watch closer next time.