@tomislacker
Last active February 1, 2018 05:27
Find IAM Users from Access Key Id
#!/bin/bash
###############################################################################
# find_iam_key.sh <access key id>
# Searches through all IAM users to find out which soul decided NOT to use
# instance profiles, and instead embedded a key+secret pair in an EC2 instance.
###############################################################################
#############
# Functions #
#############
# Print the current local time as an ISO-8601 timestamp with seconds
# precision. Relies on GNU date's -I/--iso-8601 option.
# Outputs: the timestamp on stdout.
msg_stamp() {
  date -Iseconds
}
# Write a timestamped message to stdout.
# Arguments: the message words; they are joined with single spaces.
# Outputs:   "[<timestamp>] <message>" on stdout.
# Note: echo -e interprets backslash escapes in the message, so text that
# must appear literally (e.g. a value taken from the command line) is not
# guaranteed to be printed byte-for-byte.
msg_out() {
  local stamp
  stamp=$(msg_stamp)
  # "$*" joins the arguments with a space under the default IFS, which is
  # what echo did with the separate words before.
  echo -e "[${stamp}] $*"
}
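# Write a timestamped message to stderr.
# Arguments: the message words, forwarded to msg_out.
# "$@" is quoted so each argument reaches msg_out intact: an unquoted $@
# re-splits on whitespace and expands glob characters such as '*' against
# the current directory, which can corrupt the logged text.
msg_err() {
  msg_out "$@" >&2
}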
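# Log a message to stderr and terminate the script.
# Arguments: $1 - exit status to terminate with (defaults to 1 when omitted)
#            $2.. - the message words, forwarded to msg_err
# Returns:   never; exits the current shell with the given status.
msg_fatal() {
  local exit_val=${1:-1}
  # Drop the status argument only when one was actually supplied.
  if (( $# > 0 )); then
    shift
  fi
  # Quoted so the message is not re-split or glob-expanded on the way down.
  msg_err "$@"
  exit "$exit_val"
}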
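# List the names of the IAM users visible to the active AWS credentials.
# Outputs: one user name per line on stdout.
# Returns: the aws CLI's exit status if the listing fails, otherwise jq's.
# The aws call is captured first rather than piped straight into jq: in a
# plain pipeline a failed listing (expired credentials, access denied) is
# masked by jq's success and looks like "zero users", which a caller would
# then report as "key not found".
get_all_usernames() {
  local users_json
  users_json=$(aws iam list-users) || return
  jq -r '.Users[].UserName' <<<"$users_json"
}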
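# List the access key ids attached to one IAM user.
# Arguments: $1 - IAM user name
# Outputs:   one access key id per line on stdout.
# Returns:   the aws CLI's exit status if the listing fails, otherwise jq's.
get_user_key_ids() {
  local user_name=$1
  local keys_json
  # The user name is quoted so it is always passed as a single argument.
  # The aws call is captured before jq runs so that a failed lookup is
  # reported to the caller instead of looking like "this user has no keys".
  keys_json=$(aws iam list-access-keys --user-name "${user_name}") || return
  jq -r '.AccessKeyMetadata[].AccessKeyId' <<<"$keys_json"
}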
#############
# Execution #
#############
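# Search every IAM user's access keys for the key id given as $1.
#
# Exit codes:
#   0   - key found (the owning user is logged to stderr via msg_fatal)
#   1   - no access key id was provided
#   2   - an IAM lookup failed, so the search result is not reliable
#   100 - every user was checked and the key was not found
#
# Scope: only access keys of IAM users in the account behind the active
# credentials are searched. A "not found" result therefore does not mean the
# key is invalid: it may belong to another account, to the account root
# user, or be a temporary STS credential. For a key in this account,
# `aws iam get-access-key-last-used --access-key-id <id>` returns the owning
# user name in a single call, and `aws sts get-access-key-info
# --access-key-id <id>` reports which account a key belongs to.
#
# Requires bash 4+ (mapfile).

# Make "aws ... | jq ..." pipelines fail when aws fails, so an access or
# credential error is not silently treated as an empty result.
set -o pipefail

FIND_KEY_ID=$1
if [[ -z "$FIND_KEY_ID" ]]; then
  msg_fatal 1 "No access key id provided to search for"
fi

msg_out "Searching for key: ${FIND_KEY_ID}"
msg_out "Looking up users..."

users_raw=$(get_all_usernames) \
  || msg_fatal 2 "Unable to list IAM users (check credentials and iam:ListUsers)"

# Read one name per line instead of relying on unquoted word splitting.
USERS=()
if [[ -n "$users_raw" ]]; then
  mapfile -t USERS <<<"$users_raw"
fi
msg_out "Found ${#USERS[@]} user(s)"

lookup_failures=0
for user in "${USERS[@]}"; do
  if ! keys_raw=$(get_user_key_ids "$user"); then
    # Keep going so the remaining users are still checked, but remember that
    # a final "not found" would be incomplete.
    msg_err "${user}: unable to list access keys, skipping"
    lookup_failures=$((lookup_failures + 1))
    continue
  fi

  user_keys=()
  if [[ -n "$keys_raw" ]]; then
    mapfile -t user_keys <<<"$keys_raw"
  fi
  msg_out "${user}: ${#user_keys[@]} keys"

  for key in "${user_keys[@]}"; do
    if [[ "$key" == "$FIND_KEY_ID" ]]; then
      msg_fatal 0 "Found key under user: ${user}"
    fi
  done
done

if (( lookup_failures > 0 )); then
  msg_fatal 2 "Key not found, but ${lookup_failures} user(s) could not be checked"
fi
msg_fatal 100 "Key not found..."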