Last active
February 7, 2017 20:57
-
-
Save jeremywohl/d27d2ac9930bff517dcbecb42eb7493f to your computer and use it in GitHub Desktop.
Show last access times for AWS IAM users, sorted most-recent first
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env ruby | |
# | |
# iam-last-access -- Show last access times for AWS IAM users, sorted most-recent first | |
# | |
# | |
require 'aws-sdk' | |
if ARGV.empty? | |
STDERR.puts "usage: iam-last-access usernames..." | |
exit 1 | |
end | |
begin | |
client = Aws::IAM::Client.new(region: 'iam') | |
rescue | |
STDERR.puts "error: failed to authenticate to AWS" | |
exit 1 | |
end | |
access_times = [] | |
ARGV.each do |user| | |
begin | |
keys = client.list_access_keys({ user_name: "#{user}" }) | |
keys[:access_key_metadata].each do |keyinfo| | |
lastused = client.get_access_key_last_used(access_key_id: keyinfo[:access_key_id]) | |
access_times << { user: user, access_key: keyinfo[:access_key_id], last_used: lastused.access_key_last_used.last_used_date } | |
end | |
rescue Aws::IAM::Errors::NoSuchEntity | |
STDERR.puts "warning: failed to query user #{user}" | |
next | |
rescue | |
STDERR.puts "fatal: #{$!}" | |
exit 1 | |
end | |
end | |
access_times.sort_by { |t| t[:time] }.each do |t| | |
puts sprintf("%s,%s,%d,%s", t[:user], t[:access_key], t[:last_used].to_i, t[:last_used]) | |
end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment