0

Shell script to find the age of iam access keys and user last login.

jarral rajput
  • 23
  • 6
  • Can you use [credentails report](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html#getting-credential-reports-cliapi) which provides this information? – Marcin Feb 10 '21 at 07:45
  • @MohsinNisar : So, you need to convert a date string into an epoch numerical value, so that you can calculate the difference, right? Depending on the `date` command you have available, you could [use it for this task](https://unix.stackexchange.com/questions/549148/how-do-i-convert-a-datetime-into-a-epoch) - see in particular the answer given by _Isaac_ on that page. – user1934428 Feb 10 '21 at 09:33
  • @MohsinNisar : That's why I said, that you need the epoch. With this you can then calculate the difference. – user1934428 Feb 10 '21 at 14:31

3 Answers3

0

Well you will have to use date manipulations to do the same. Save the CreatedDate in a varaible. Then you can use something like this to get the elapsed days:

   #!/bin/bash
   datediff() {
        d1=$(date -d "$1" +%s)
        d2=$(date -d "$2" +%s)
        echo $(( (d1 - d2) / 86400 )) days
    }
    datediff $(date --iso-8601=seconds) $createdDate
Mudassir Razvi
  • 1,783
  • 12
  • 33
0

Using GNU awk:

awk -F\" '{ gsub("[-:TZ]"," ",$4);print (((strftime("%s")-mktime($4))/60)/60)/24 }' <<< '"CreateDate": "2021-02-01T12:02:36Z"'

Use gsub to replace -,:,T,Z for a space. Use mktime to create a epoch version of the converted date. Use strftime to calculate the difference in epoch format and then divide by 60 to get minutes, 60 again to get hours and 24 to get days.

Raman Sailopal
  • 12,320
  • 2
  • 11
  • 18
0
  1. extract the raw date from json via jq query
  2. Calculate Difference using date
#!/bin/bash
user=$1
PASS_LAST_USED="$(aws iam get-user --user-name $user | jq -r '.User.PasswordLastUsed')" #| grep -i PasswordLastUsed
CREATE_DATE="$(aws iam list-access-keys --user-name $user | jq -r '.AccessKeyMetadata[].CreateDate')" #| grep -i createdate


echo "$(( (  $(gdate "+%s") - $(gdate -d "$PASS_LAST_USED" "+%s") )/(60*60*24) )) days"
echo "$(( (  $(gdate "+%s") - $(gdate -d "$CREATE_DATE" "+%s") )/(60*60*24) )) days"
0xdnL
  • 384
  • 3
  • 10