samples
turbot/flowpipe-samples/deactivate-expired-aws-iam-access-keys

Deactivate Expired AWS IAM Keys

Deactivates expired AWS IAM access keys and notifies via Slack channel.

Requirements

Docker daemon must be installed and running. Please see Install Docker Engine for more information.

Installation

Download and install Flowpipe (https://flowpipe.io/downloads). Or use Brew:

brew tap turbot/tap
brew install flowpipe

Clone:

git clone https://github.com/turbot/flowpipe-samples.git
cd public_cloud/deactivate_expired_aws_iam_access_keys

Install mod dependencies:

flowpipe mod install

Credentials

By default, the following environment variables will be used for authentication:

  • AWS_PROFILE
  • AWS_ACCESS_KEY_ID
  • AWS_SECRET_ACCESS_KEY
  • AWS_PROFILE
  • SLACK_TOKEN

You can also create credential resources in configuration files:

vi creds.fpc
credential "aws" "aws_profile" {
profile = "my-profile"
}
credential "aws" "aws_access_key_pair" {
access_key = "AKIA..."
secret_key = "dP+C+J..."
}
credential "aws" "aws_session_token" {
access_key = "AKIA..."
secret_key = "dP+C+J..."
session_token = "AQoDX..."
}
credential "slack" "default" {
token = "xoxp-12345-..."
}

For more information on credentials in Flowpipe, please see Managing Credentials.

Usage

Run the pipeline and specify the slack_channel pipeline arguments:

flowpipe pipeline run deactivate_expired_aws_iam_access_keys --arg slack_channel=my_notification_channel

Configuration

To avoid entering variable values when running the pipeline or starting the server, you can set variable values:

cp flowpipe.fpvars.example flowpipe.fpvars
vi flowpipe.fpvars
# Optional
# aws_cred = "non_default_cred"
# slack_cred = "non_default_cred"

Open Source & Contributing

This repository is published under the Apache 2.0 license. Please see our code of conduct. We look forward to collaborating with you!

Flowpipe is a product produced from this open source software, exclusively by Turbot HQ, Inc. It is distributed under our commercial terms. Others are allowed to make their own distribution of the software, but cannot use any of the Turbot trademarks, cloud services, etc. You can learn more in our Open Source FAQ.

Get Involved

Join #flowpipe on Slack →

Want to help but not sure where to start? Pick up one of the help wanted issues: