The total permissions of a single user are compiled from several places, so you have to use several commands to catch them all.
aws iam list-groups-for-user --user-name
aws iam list-attached-group-policies --group-name
aws iam list-group-policies --group-name
aws iam list-attached-user-policies --user-name
aws iam list-user-policies --user-name
Here's a quick powershell script that can automate this output: