for k in $(aws kms list-keys | jq -r '.[] | .[].KeyId');
do aws kms describe-key --key-id $k | jq -r '.KeyMetadata)';
done
Output
{
"AWSAccountId": "xxxxxxxxxxxx",
"KeyId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"KeyId": "2d52f6f5-6b78-45fe-b210-853331c16c54",
"Arn": "arn:aws:kms:eu-west-1:xxxxxxxxxxxx:key/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"CreationDate": 1584877130.475,
"Enabled": true,
"Description": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"KeyUsage": "ENCRYPT_DECRYPT",
"KeyState": "Enabled",
"Origin": "AWS_KMS",
"KeyManager": "CUSTOMER",
"CustomerMasterKeySpec": "SYMMETRIC_DEFAULT",
"EncryptionAlgorithms": [
"SYMMETRIC_DEFAULT"
]
}
for k in $(aws kms list-keys | jq -r '.[] | .[].KeyId');
do aws kms describe-key --key-id $k | jq -r '.KeyMetadata | select(.KeyManager=="CUSTOMER")';
done
Output
{
"AWSAccountId": "xxxxxxxxxxxx",
"KeyId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"KeyId": "2d52f6f5-6b78-45fe-b210-853331c16c54",
"Arn": "arn:aws:kms:eu-west-1:xxxxxxxxxxxx:key/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"CreationDate": 1584877130.475,
"Enabled": true,
"Description": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"KeyUsage": "ENCRYPT_DECRYPT",
"KeyState": "Enabled",
"Origin": "AWS_KMS",
"KeyManager": "CUSTOMER",
"CustomerMasterKeySpec": "SYMMETRIC_DEFAULT",
"EncryptionAlgorithms": [
"SYMMETRIC_DEFAULT"
]
}
for k in $(aws kms list-keys | jq -r '.[] | .[].KeyId');
do aws kms describe-key --key-id $k | jq -r '.KeyMetadata | select(.KeyManager=="CUSTOMER") \
| {keyId: .KeyId, CreationDate: .CreationDate, Description: .Description} | .CreationDate |= (todate)';
done
Output
{
"keyId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"CreationDate": "2020-03-22T11:38:50Z",
"Description": "xxxxxxxxxxxxxxxxxxxxxxx"
}
for k in $(aws kms list-keys | jq -r '.[] | .[].KeyId');
do aws kms describe-key --key-id $k | jq -r '.KeyMetadata | select(.KeyManager=="CUSTOMER") \
| {keyId: .KeyId, CreationDate: .CreationDate, Description: .Description} \
| .CreationDate |= (todate) | [.]';
done | jq -r '[.[]| with_entries( .key |= ascii_downcase ) ] \
| (.[0] |keys_unsorted | @tsv), (.[]|.|map(.) |@tsv)' \
| column -t```
Output
keyid creationdate description
xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx 2020-03-22T11:38:50Z xxxxxxxxxxxx
## List Internet Gateways in all regions
$ for region in $(aws ec2 describe-regions | jq -r '.[] | .[] | .RegionName'); do echo region: $region; aws --region $region ec2 describe-internet-gateways | jq -r '.[] | .[] | .InternetGatewayId'; done