xpk/code-dumps
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

UPD: updated iam-last-activity.py and print date instead of time

Browse Source
This commit is contained in:
xpk 2024-08-09 08:30:31 +08:00
parent b1af2b9d1b
commit 1a1c1c964c
Signed by: xpk
GPG Key ID: CD4FF6793F09AB86
1 changed files with 18 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
aws/iam-last-activity.py
View File

@ -1,16 +1,15 @@
#!/usr/bin/python3
from datetime import datetime
import boto3
import jmespath
import time
import re
import json
from pprint import pprint
from jmespath.exceptions import JMESPathTypeError
# dump user/group/role last activity
def generateLastAccessed(myclient, arn, myAccountId):
def generateLastAccessed(myclient: boto3.client, arn: str, myAccountId: str) -> list[str]:
response = myclient.generate_service_last_accessed_details(
Arn=arn,
Granularity='SERVICE_LEVEL')
@ -28,18 +27,22 @@ def generateLastAccessed(myclient, arn, myAccountId):
ServiceNamespaces=jmespath.search("ServicesLastAccessed[*].ServiceNamespace", accessDetails)
)
returnString = []
# try:
for p in jmespath.search("PoliciesGrantingServiceAccess[*].Policies[]", r2):
if p.get("PolicyType") == "INLINE":
returnString.append("INLINE:" + p.get("PolicyName"))
else:
if myAccountId in p.get("PolicyArn"):
returnString.append(p.get("PolicyArn"))
# except JMESPathTypeError:
# pass
return list(dict.fromkeys(returnString))
def formatDate(myTime: time) -> str:
if myTime is None:
return "Never"
else:
return myTime.date()
sts = boto3.client('sts')
accountId = sts.get_caller_identity()["Account"]
@ -52,17 +55,17 @@ for u in jmespath.search("Users[*]", entity):
accessKeyQuery = client.list_access_keys(UserName=u.get('UserName'))
keys = accessKeyQuery.get("AccessKeyMetadata")
print("UserName", u.get("UserName"), sep=": ")
print("CreateDate", u.get("CreateDate"), sep=": ")
print("PasswordLastUsed", u.get("PasswordLastUsed"), sep=": ")
print("CreateDate", formatDate(u.get("CreateDate")), sep=": ")
print("PasswordLastUsed", formatDate(u.get("PasswordLastUsed")), sep=": ")
doPolicyLastUsed = False if u.get("PasswordLastUsed") is None else True
for k in accessKeyQuery.get("AccessKeyMetadata"):
print("AccessKeyId", k.get("AccessKeyId"), sep=": ")
print("AccessKeyStatus", k.get("Status"), sep=": ")
if k.get("Status") == "Inactive":
doPolicyLastUsed = False
print("AccessKeyCreateDate", k.get("CreateDate"), sep=": ")
print("AccessKeyCreateDate", formatDate(k.get("CreateDate")), sep=": ")
akLastUsedQuery = client.get_access_key_last_used(AccessKeyId=k.get("AccessKeyId"))
print("AccessKeyLastUsed", akLastUsedQuery.get("AccessKeyLastUsed").get("LastUsedDate"), sep=": ")
print("AccessKeyLastUsed", formatDate(akLastUsedQuery.get("AccessKeyLastUsed").get("LastUsedDate")), sep=": ")
if doPolicyLastUsed:
print("CustomerPolicyLastUsed", generateLastAccessed(client, u.get("Arn"), accountId), sep=": ")
print("-" * 10)
@ -73,7 +76,7 @@ print("=" * 40)
entity = client.list_groups()
print("GroupName", "CreateDate", sep=",")
for g in jmespath.search("Groups[*]", entity):
print(g.get("GroupName"), g.get("CreateDate"), sep=", ")
print(g.get("GroupName"), formatDate(g.get("CreateDate")), sep=", ")
print("=" * 40)
print("** Roles **")
@ -86,8 +89,8 @@ for r in jmespath.search("Roles[*]", entity):
getRoleQuery = client.get_role(RoleName=r.get("RoleName"))
r1 = getRoleQuery.get("Role")
print("RoleName", r1.get("RoleName"), sep=": ")
print("CreateDate", r1.get("CreateDate"), sep=": ")
print("RoleLastUsed", jmespath.search("RoleLastUsed.LastUsedDate", r1), sep=": ")
print("CreateDate", formatDate(r1.get("CreateDate")), sep=": ")
print("RoleLastUsed", formatDate(jmespath.search("RoleLastUsed.LastUsedDate", r1)), sep=": ")
if jmespath.search("RoleLastUsed.LastUsedDate", r1) is not None:
print("CustomerPolicyLastUsed", generateLastAccessed(client, r1.get("Arn"), accountId), sep=": ")
print("-" * 10)