
@jamesls
Last active February 23, 2017 01:18
aws-cli-602
#!/bin/bash
# Note: you'll need "jp" installed:
# https://github.com/jmespath/jp
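# This script repeatedly creates (and then deletes) IAM access keys for the
# calling user and prints each secret key to stdout, so run it only with a
# throwaway IAM user and keep its output out of shared logs.
# It also writes the generated credentials to a profile called "testcreds",
# so ensure you don't already have a profile called "testcreds".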
# Pin the region for every aws call below, including child processes.
AWS_DEFAULT_REGION=us-west-2
export AWS_DEFAULT_REGION
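#######################################
# Print an error message to stderr and abort the script.
# Arguments: $1 - message text (defaults to "Unknown Error")
# Outputs:   "ERROR: <script> (line <N>): <message>" on stderr
# Returns:   never; exits the shell with status 1
#######################################
errexit() {
  # BASH_LINENO[0] is the line of the call site. $LINENO evaluated here
  # would always name the line inside this function, which tells the
  # operator nothing about which command failed.
  printf 'ERROR: %s (line %s): %s\n' \
    "${0##*/}" "${BASH_LINENO[0]}" "${1:-Unknown Error}" >&2
  exit 1
}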
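# Access key ID of the key currently under test; empty when none is live.
access_key=

# Delete the access key currently under test, if there is one.
# Registered as the EXIT trap so that a failed CLI call (errexit) or an
# interrupt cannot leave behind a live key whose secret was already printed
# and stored in the "testcreds" profile.
delete_test_key() {
  [[ -n "$access_key" ]] || return 0
  aws iam delete-access-key --access-key-id "$access_key" || return
  access_key=
}
trap delete_test_key EXIT

# Keep minting access keys until one whose secret contains '+' or '/' shows
# up, then exercise a few read-only CLI calls with it. The loop has no
# success exit: it runs until a CLI call fails or the script is interrupted.
while true; do
  echo "Trying"

  # Stop on failure instead of looping forever with empty credentials.
  new_creds=$(aws iam create-access-key) || errexit "create-access-key failed"

  # NOTE(review): jp expects JSON on stdin, so this presumably relies on the
  # CLI's output format being json; confirm for the profile in use.
  access_key=$(jp -u AccessKey.AccessKeyId <<< "$new_creds")
  secret_key=$(jp -u AccessKey.SecretAccessKey <<< "$new_creds")
  if [[ -z "$access_key" || -z "$secret_key" ]]; then
    errexit "could not parse create-access-key output"
  fi

  # Check if there's any of the bad chars in the secret key.
  if [[ "$secret_key" == *[+/]* ]]; then
    echo "Found bad char in secret key"
    # NOTE(review): this prints a live secret in clear text. It is kept
    # because the value is the repro input; the key is revoked below and by
    # the EXIT trap, but treat captured output as sensitive until then.
    printf '%s\n' "$secret_key"

    # Configure a new profile with these creds and try running
    # a few commands.
    aws configure set profile.testcreds.aws_access_key_id "$access_key"
    aws configure set profile.testcreds.aws_secret_access_key "$secret_key"

    # Give it some time to propagate.
    sleep 7

    echo "Trying CLI commands with new access_key/secret_key pair"
    for _ in 1 2 3; do
      aws iam list-users --profile testcreds || errexit "list-users failed"
    done
    for _ in 1 2 3; do
      aws ec2 describe-instances --profile testcreds || errexit "describe-instances failed"
    done
    for _ in 1 2 3; do
      aws s3api list-buckets --profile testcreds || errexit "list-buckets failed"
    done
  else
    # NOTE(review): also prints a live secret; see the note above.
    echo "NO: $secret_key"
  fi

  # Revoke the key before minting the next one. A failed delete would
  # otherwise let keys pile up until create-access-key starts failing.
  delete_test_key || errexit "delete-access-key failed"
done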