rayterrill/FindOldAWSAccessKeys.ps1

## FindOldAWSAccessKeys.ps1
Import-Module AWSPowerShell

#get a date 90 days ago to use to calculate old credentials
$date90DaysAgo = (Get-Date).AddDays(-90)

#gather all of our iam users
$users = Get-IAMUsers
#iterate each of my uesrs
foreach ($u in $users) {
   #grab all the keys for a user
   $keys = Get-IAMAccessKey -Username $u.Username
   #iterate each of the user's keys
   foreach ($k in $keys) {
      if ($k.CreateDate -lt $date90DaysAgo) {
         Write-Host "Key [$($k.AccessKeyId)] from [$($k.UserName)] is older than 90 days and needs to be rotated." -ForegroundColor Yellow
      }
   }
}
	Import-Module AWSPowerShell

	#get a date 90 days ago to use to calculate old credentials
	$date90DaysAgo = (Get-Date).AddDays(-90)

	#gather all of our iam users
	$users = Get-IAMUsers
	#iterate each of my uesrs
	foreach ($u in $users) {
	#grab all the keys for a user
	$keys = Get-IAMAccessKey -Username $u.Username
	#iterate each of the user's keys
	foreach ($k in $keys) {
	if ($k.CreateDate -lt $date90DaysAgo) {
	Write-Host "Key [$($k.AccessKeyId)] from [$($k.UserName)] is older than 90 days and needs to be rotated." -ForegroundColor Yellow
	}
	}
	}