Gerardo León
1 min read · Sep 7, 2023

Rotate AWS IAM Access Keys by script

Context:

The provided IAM access keys were set to expire in 12 hours, so developing locally constantly hit “Token expired” exceptions.

Solution:

Create an IAM User Access Key on demand by script, following the AWS recommendation to rotate access keys every now and then.

Problem:

Creating these access keys and writing them to the .aws/credentials file is very manual work.

Solution:

Script the whole process through the AWS CLI.

Required:

  • An IAM User Name
  • A valid access key for a one-time set up

Requirements:

Given one valid IAM Access Key for the IAM User Name, create another access key and set it up for the default profile in .aws/credentials.

Given two valid IAM Access Keys for the IAM User Name, delete the oldest of the two; then create a new

Script:

Usage:

.\RotateKeys.ps1 -IAMUserName 'YourIAMUserName'

Pre-conditions:

  • AWS CLI installed
  • AWS IAM User Name created (How to)
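
One way to implement the two requirements above through the AWS CLI, as an added example that is not the author's script. The -IAMUserName parameter follows the usage line; the Invoke-AwsIam helper, writing to the default profile with aws configure, and the guard against deleting the key currently in use are assumptions of this example.

```powershell
# RotateKeys.ps1 -- added example, not the author's script.
# Assumes the AWS CLI is on PATH and the default profile may list, create and
# delete access keys for the named user.
param(
    [Parameter(Mandatory = $true)]
    [string]$IAMUserName
)
$ErrorActionPreference = 'Stop'

# Run "aws iam ..." and return parsed JSON; throw on a non-zero exit code.
# Only the operation name goes into the error text, never key material.
function Invoke-AwsIam {
    $out = & aws iam @args --output json
    if ($LASTEXITCODE -ne 0) { throw "aws iam $($args[0]) failed (exit $LASTEXITCODE)" }
    if ($out) { ($out | Out-String) | ConvertFrom-Json }
}

# Key ID the default profile authenticates with right now (may be empty).
$current = & aws configure get aws_access_key_id --profile default

$keys = @((Invoke-AwsIam list-access-keys --user-name $IAMUserName).AccessKeyMetadata)

# IAM allows two access keys per user, so with two present the oldest has to
# go before a new one can be created.
if ($keys.Count -ge 2) {
    $oldest = $keys | Sort-Object { [datetime]$_.CreateDate } | Select-Object -First 1
    if ($oldest.AccessKeyId -eq $current) {
        # Deleting the key this session signs with would lock the script out.
        throw "Oldest key $($oldest.AccessKeyId) is the one in use; switch the profile to the newer key first."
    }
    Invoke-AwsIam delete-access-key --user-name $IAMUserName --access-key-id $oldest.AccessKeyId
}

$new = (Invoke-AwsIam create-access-key --user-name $IAMUserName).AccessKey

# aws configure set writes both values to the credentials file.
& aws configure set aws_access_key_id $new.AccessKeyId --profile default
if ($LASTEXITCODE -ne 0) { throw 'could not store the new access key ID' }
& aws configure set aws_secret_access_key $new.SecretAccessKey --profile default
if ($LASTEXITCODE -ne 0) { throw 'could not store the new secret access key' }

# Print the key ID only; the secret never goes to the console or a log.
Write-Host "Default profile now uses $($new.AccessKeyId)"
```

The IAM policy attached to the user only needs iam:ListAccessKeys, iam:CreateAccessKey and iam:DeleteAccessKey scoped to the user's own ARN for this to run.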
