@D4rk4
Created January 11, 2019 11:14
Lock users in all AWS accounts when they leave our company
#!/bin/bash
# Author: [email protected]
#
# Use SecurityMonkey to find all logins that belong to the departed user.
# Put the user logins into this list, one login per line ---v
# NOTE(review): every name in this file has its credentials deleted in every
# profile listed at the bottom of the script, so the file should be writable
# only by the operators who are allowed to run this script.
input='/opt/scripts/aws/aws-users-lock.list'
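#######################################
# Revoke one IAM user's console password, access keys and MFA devices in one
# AWS CLI profile, printing a one-line progress report.
# Globals:   profile (read) - AWS CLI profile name to act in
#            user    (read) - IAM user name to lock
# Outputs:   progress line on stdout; error details on stderr
# Returns:   0 if the user does not exist in this profile or every step
#            succeeded, 1 if any revocation step failed
#
# Scope: only the login profile, access keys and MFA devices are handled.
# Group membership (disabled below), attached policies, SSH public keys,
# service-specific credentials and signing certificates are NOT touched and
# need a separate check. Access-key deletion is permanent.
# NOTE(review): temporary credentials already issued to the user may stay
# valid until they expire - confirm and handle separately if that matters.
#######################################
lock_user () {
  # The "not found" branch erases this text with backspaces, so the erase
  # count is derived from its length instead of a hard-coded number.
  local step_msg='removing login profile, '
  local login_out='' key_list='' mfa_list=''
  local accesskey mfaserial i
  local -a access_keys=() mfa_serials=()
  local login_rc=0 failed=0

  # printf '%s' keeps backslashes in names literal (echo -e would expand them).
  printf '[%s - %s]\t' "${profile}" "${user}"
  printf '%s' "${step_msg}"
  login_out=$(aws --profile "${profile}" iam delete-login-profile \
    --user-name "${user}" 2>&1) || login_rc=$?

  if [[ "${login_out}" == *"The user with name"* ]]; then
    # User does not exist in this account: overwrite the step text.
    for (( i = 0; i < ${#step_msg}; i++ )); do
      printf '\b'
    done
    printf 'NOT FOUND! \n'
    return 0
  fi

  # A user without a console password is expected and is not an error.
  # Anything else (access denied, expired credentials, throttling, ...) must
  # not be reported as a successful lock.
  # NOTE(review): assumes the CLI prints the error code as "(NoSuchEntity)" -
  # confirm against the installed AWS CLI version.
  if (( login_rc != 0 )) && [[ "${login_out}" != *"(NoSuchEntity)"* ]]; then
    printf '[%s - %s] delete-login-profile failed: %s\n' \
      "${profile}" "${user}" "${login_out}" >&2
    failed=1
  fi

  # Group removal is intentionally left disabled, as in the original script:
  #   list-groups-for-user --query 'Groups[].GroupName' --output text
  #   remove-user-from-group --user-name "${user}" --group-name "${group}"

  printf 'removing access keys, '
  # The JMESPath query is quoted so the shell never treats [] as a glob.
  if key_list=$(aws --profile "${profile}" iam list-access-keys \
      --user-name "${user}" --query 'AccessKeyMetadata[].AccessKeyId' \
      --output text); then
    # Split the whitespace-separated text output; read returns 1 at EOF.
    read -r -d '' -a access_keys <<<"${key_list}" || true
  else
    failed=1
  fi
  for accesskey in "${access_keys[@]}"; do
    aws --profile "${profile}" iam delete-access-key \
      --access-key-id "${accesskey}" --user-name "${user}" || failed=1
  done

  printf 'removing MFAs.'
  if mfa_list=$(aws --profile "${profile}" iam list-mfa-devices \
      --user-name "${user}" --query 'MFADevices[].SerialNumber' \
      --output text); then
    read -r -d '' -a mfa_serials <<<"${mfa_list}" || true
  else
    failed=1
  fi
  for mfaserial in "${mfa_serials[@]}"; do
    aws --profile "${profile}" iam deactivate-mfa-device \
      --serial-number "${mfaserial}" --user-name "${user}" || failed=1
    # Fixed: the original was missing the space between the profile and "iam",
    # so this call always failed and virtual MFA devices were left behind.
    # Its failure is not counted: presumably it only applies to virtual
    # devices, and the deactivation above is what detaches the device.
    aws --profile "${profile}" iam delete-virtual-mfa-device \
      --serial-number "${mfaserial}"
  done

  if (( failed )); then
    printf ' INCOMPLETE - see errors above'
  fi
  printf '\n'
  return "${failed}"
}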
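# Run lock_user for every (profile, user) pair: the outer loop reads AWS CLI
# profile names from the here-document below, the inner loop reads user names
# from ${input}. lock_user picks both up from the globals profile and user.
# NOTE(review): the profile names look like account-number fragments; confirm
# they match the profiles configured for the operator running this script.

# Fail once, up front, instead of once per profile when the list is missing.
if [[ ! -r "${input}" ]]; then
  printf 'cannot read user list: %s\n' "${input}" >&2
  exit 1
fi

overall_rc=0
# read -r keeps backslashes literal; "|| [[ -n ... ]]" keeps a last line that
# has no trailing newline.
while read -r profile || [[ -n "${profile}" ]]
do
  [[ -n "${profile}" ]] || continue
  while read -r user || [[ -n "${user}" ]]
  do
    # Drop a trailing CR from Windows-edited lists, then skip blank lines and
    # comments so an empty --user-name is never sent to the API.
    user=${user%$'\r'}
    [[ -z "${user}" || "${user}" == '#'* ]] && continue
    lock_user || overall_rc=1
  done <"${input}"
done <<'EOM'
6581
2237
8958
3629
1257
EOM
# Let cron or a wrapper notice when a run did not complete cleanly.
exit "${overall_rc}"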