Quick script to enumerate assumable roles in an AWS Account

assume_role_enumeration.py

import boto3

client = boto3.client('iam', region_name="us-east-1")
response = client.list_roles()
roles = response.get("Roles")
for role in roles:
	if "AWS" in role["AssumeRolePolicyDocument"]["Statement"][0]["Principal"]:
		print(role["RoleId"] + " " + role["RoleName"])
		print(role["AssumeRolePolicyDocument"]["Statement"][0]["Principal"]["AWS"])