100 Days of AWS — Day 25- Rotating IAM Keys on a regular basis using Boto3

import boto3
from datetime import datetime, timezone
client = boto3.client("iam")
paginator = client.get_paginator('list_users')
current_date=datetime.now(timezone.utc)
max_key_age=5
for response in paginator.paginate():
for user in response['Users']:
username = user['UserName']
accesskey_id = accesskey['AccessKeyId']
key_creation_date = accesskey['CreateDate']
age = (current_date - key_creation_date).days            if age > max_key_age:
print("Deactivating Key for the following users: " + username)
client.update_access_key(UserName=username, AccessKeyId=accesskey_id, Status='Inactive')

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Prashant Lakhera

Prashant Lakhera

4.91K Followers

AWS Community Builder, Ex-Redhat, Author, Blogger, YouTuber, RHCA, RHCDS, RHCE, Docker Certified,4XAWS, CCNA, MCP, Certified Jenkins, Terraform Certified, 1XGCP