Show last access times for AWS IAM users, sorted most-recent first

iam-last-access

#!/usr/bin/env ruby

#
# iam-last-access -- Show last access times for AWS IAM users, sorted most-recent first
#
#

require 'aws-sdk'

if ARGV.empty?
  STDERR.puts "usage: iam-last-access usernames..."
  exit 1
end

begin
  client = Aws::IAM::Client.new(region: 'iam')
rescue
  STDERR.puts "error: failed to authenticate to AWS"
  exit 1
end

access_times = []

ARGV.each do |user|
  begin
    keys = client.list_access_keys({ user_name: "#{user}" })

    keys[:access_key_metadata].each do |keyinfo|
      lastused = client.get_access_key_last_used(access_key_id: keyinfo[:access_key_id])
      access_times << { user: user, access_key: keyinfo[:access_key_id], last_used: lastused.access_key_last_used.last_used_date }
    end
  rescue Aws::IAM::Errors::NoSuchEntity
    STDERR.puts "warning: failed to query user #{user}"
    next
  rescue
    STDERR.puts "fatal: #{$!}"
    exit 1
  end
end

access_times.sort_by { |t| t[:time] }.each do |t|
  puts sprintf("%s,%s,%d,%s", t[:user], t[:access_key], t[:last_used].to_i, t[:last_used])
end