HrushikeshK/iam-get-access-key.py

## iam-get-access-key.py
def get_sensored_access_key(access_key):
    first_four = access_key[:4]
    last_four = access_key[-4:]
    return first_four + "*********" + last_four

def check_access_keys(userData):
    created_date = datetime.now()
    last_used_date = datetime.now()
    access_key_id = None

    username = userData['UserName']
    user_arn = userData['Arn']

     # Below we are checking for access keys last usage
    try:
        res_keys = iam_client.list_access_keys(UserName=username,MaxItems=2)

        if 'AccessKeyMetadata' in res_keys:
            for key in res_keys['AccessKeyMetadata']:
                if 'CreateDate' in key:
                    created_date = res_keys['AccessKeyMetadata'][0]['CreateDate'].replace(tzinfo=None)
                if 'AccessKeyId' in key:
                    access_key_id = key['AccessKeyId']
                    res_last_used_key = iam_client.get_access_key_last_used(AccessKeyId=access_key_id)
                    if 'LastUsedDate' in res_last_used_key['AccessKeyLastUsed']:
                        last_used_date = res_last_used_key['AccessKeyLastUsed']['LastUsedDate'].replace(tzinfo=None)
                    else:
                        last_used_date = created_date

                difference = date_now - last_used_date
                access_key_status = key['Status']         # Get status of the access keys
                if difference.days > max_idle_days and access_key_status == "Active":
                    access_key = iam_resource.AccessKey(username, access_key_id)   # Get user's access key details

                    # Deactivate Access key
                    ret_val = access_key.deactivate()
                    response = requests.request("POST", url, data=get_slack_payload(username, True, get_sensored_access_key(access_key_id), user_arn, diff=difference.days), headers=headers)

    except ClientError as error:
        print('An error occurred while listing access keys', error)
	def get_sensored_access_key(access_key):
	first_four = access_key[:4]
	last_four = access_key[-4:]
	return first_four + "*********" + last_four

	def check_access_keys(userData):
	created_date = datetime.now()
	last_used_date = datetime.now()
	access_key_id = None

	username = userData['UserName']
	user_arn = userData['Arn']

	# Below we are checking for access keys last usage
	try:
	res_keys = iam_client.list_access_keys(UserName=username,MaxItems=2)

	if 'AccessKeyMetadata' in res_keys:
	for key in res_keys['AccessKeyMetadata']:
	if 'CreateDate' in key:
	created_date = res_keys['AccessKeyMetadata'][0]['CreateDate'].replace(tzinfo=None)
	if 'AccessKeyId' in key:
	access_key_id = key['AccessKeyId']
	res_last_used_key = iam_client.get_access_key_last_used(AccessKeyId=access_key_id)
	if 'LastUsedDate' in res_last_used_key['AccessKeyLastUsed']:
	last_used_date = res_last_used_key['AccessKeyLastUsed']['LastUsedDate'].replace(tzinfo=None)
	else:
	last_used_date = created_date

	difference = date_now - last_used_date
	access_key_status = key['Status'] # Get status of the access keys
	if difference.days > max_idle_days and access_key_status == "Active":
	access_key = iam_resource.AccessKey(username, access_key_id) # Get user's access key details

	# Deactivate Access key
	ret_val = access_key.deactivate()
	response = requests.request("POST", url, data=get_slack_payload(username, True, get_sensored_access_key(access_key_id), user_arn, diff=difference.days), headers=headers)

	except ClientError as error:
	print('An error occurred while listing access keys', error)