I want to create a script, and perhaps run it in a cron job every 24 hours, which will list all access keys older than 60 days.
I also want to shove the keys older than 60 days into an array so I can iterate over it and perform other options.
I'm looking at Managing access keys for IAM users - AWS Identity and Access Management and it has a aws iam get-access-key-last-used
command but that's not what I want. But it's the closet thing I can find.
What I want to get the key where current date - creation date > 60 days
.
I'm imagining my script would look something like this:
# some of this is pseudocode just to
# communicate what I'm envisioning.
# I don't actually know what to put
# here yet; need assistance.
myCommand = "aws cli get key where age > 60"
staleKeys=( $( $myCommand) )
for key in "${staleKeys[@]}"
do
# log "${key}"
# run another aws cli command with ${key} as a value
done
Is this possible from the AWS CLI?