delete_aws_iam.sh
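#!/bin/bash
# Deprovision one IAM user: delete its access keys and service-specific
# credentials, detach its managed policies, then delete the user.
#
# Requires the AWS CLI and jq on PATH, plus credentials permitted to call the
# IAM list/delete actions used below.
#
# NOTE(review): IAM refuses delete-user while anything is still attached to
# the user. Only the three resource kinds below are cleaned up; inline
# policies, group memberships, a login profile, MFA devices, SSH public keys
# and signing certificates are not. If the user has any of those, the final
# delete-user call fails and the user stays in place, so check the exit
# status rather than the "Deleting User" message.

# Stop at the first failed command, including a failed stage of a pipeline.
# Otherwise a failed list call (expired credentials, missing jq, access
# denied) is indistinguishable from "nothing to delete" and the run carries
# on while the credentials are still live.
set -euo pipefail

user_name="ado_migration"

echo "Removing user: ${user_name}"

# Credentials are revoked first, so a failure in a later step does not leave
# these keys usable.
echo "Deleting Access Keys:"
key_ids=$(aws iam list-access-keys --user-name "${user_name}" \
  | jq -r '.AccessKeyMetadata[] | .AccessKeyId')
# One id per line is read on fd 3, leaving stdin untouched for the aws calls.
while IFS= read -r key <&3; do
  [[ -n "${key}" ]] || continue # an empty listing still yields one blank line
  printf '\tDeleting access key %s\n' "${key}"
  aws iam delete-access-key --user-name "${user_name}" --access-key-id "${key}"
done 3<<<"${key_ids}"

echo "Deleting service-specific-credentials Keys:"
sp_key_ids=$(aws iam list-service-specific-credentials --user-name "${user_name}" \
  | jq -r '.ServiceSpecificCredentials[] | .ServiceSpecificCredentialId')
while IFS= read -r sp_key <&3; do
  [[ -n "${sp_key}" ]] || continue
  printf '\tDeleting service-specific-credentials %s\n' "${sp_key}"
  aws iam delete-service-specific-credential \
    --user-name "${user_name}" \
    --service-specific-credential-id "${sp_key}"
done 3<<<"${sp_key_ids}"

echo "Removing Attached User Policies:"
policy_arns=$(aws iam list-attached-user-policies --user-name "${user_name}" \
  | jq -r '.AttachedPolicies[] | .PolicyArn')
while IFS= read -r policy <&3; do
  [[ -n "${policy}" ]] || continue
  # Only the last path component of the ARN is shown in the log line.
  printf '\tDetaching user policy %s\n' "${policy##*/}"
  aws iam detach-user-policy \
    --user-name "${user_name}" \
    --policy-arn "${policy}"
done 3<<<"${policy_arns}"

echo "Deleting User"
aws iam delete-user --user-name "${user_name}"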