LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-06-2018, 10:36 AM   #1
bluethundr
Member
 
Registered: Jun 2003
Location: Summit, NJ
Distribution: CentOS 5.4
Posts: 142

Rep: Reputation: 15
Post identify elements of a bash array - determine if aws keys are 90 days old


I have a line in my bash script that pulls the AWS access keys and the dates they were created for a user.

Code:
aws iam list-access-keys --user-name $user_name --profile=prod  | jq -r '.AccessKeyMetadata[] | (.AccessKeyId, .CreateDate)')
It outputs the information like this:

Code:
    AKIAI6Q5EQ53GONANGBA
    2018-07-05T21:28:39Z
    AKIAICDOHVTMEAB6RM5Q
    2018-02-08T03:55:51Z
I tried creating an array and looping for the array:

Code:
   echo "User $user_name keys:"

   user_keys=( $(aws iam list-access-keys --user-name $user_name --profile=prod  | jq -r '.AccessKeyMetadata[] | (.AccessKeyId, .CreateDate)' '\n') )
   for i in "$user_keys"
   do 
     echo "$user_keys"
   done
But all that gets me is this output:

Code:
User my_aws_user keys:
AKIAI6Q5EQ53GONANGBA
I want to assign the output of that command to an array. And print out the key and time stamp on one line. And use the time stamp to determine if the user's key is older than 90 days.

If it is older than 90 days it will perform some additional functions, that I already have worked out. How can I achieve this?

Thanks

Last edited by bluethundr; 07-06-2018 at 12:48 PM.
 
Old 07-06-2018, 12:01 PM   #2
keefaz
LQ Guru
 
Registered: Mar 2004
Distribution: Slackware
Posts: 6,230

Rep: Reputation: 724Reputation: 724Reputation: 724Reputation: 724Reputation: 724Reputation: 724Reputation: 724
You could use bash hash to store keys, timestamp as hash key, user key as value

something like
Code:
longCommand() {
    aws iam list-access-keys --user-name $1 --profile=kpmg-prod \
| jq -r '.AccessKeyMetadata[] | (.AccessKeyId, .CreateDate)' '\n'
}


declare -A user_keys

while read -r key timestamp; do
  user_keys[$timestamp]=$key
done < <( longCommand $user_name )

# iterate
for time in "${!user_keys[@]}"; do
  echo "time: $time, key: ${user_keys[$time]}"
done

Last edited by keefaz; 07-06-2018 at 12:02 PM.
 
Old 07-06-2018, 12:50 PM   #3
bluethundr
Member
 
Registered: Jun 2003
Location: Summit, NJ
Distribution: CentOS 5.4
Posts: 142

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by keefaz View Post
You could use bash hash to store keys, timestamp as hash key, user key as value

something like
Code:
longCommand() {
    aws iam list-access-keys --user-name $1 --profile=prod \
| jq -r '.AccessKeyMetadata[] | (.AccessKeyId, .CreateDate)' '\n'
}


declare -A user_keys

while read -r key timestamp; do
  user_keys[$timestamp]=$key
done < <( longCommand $user_name )

# iterate
for time in "${!user_keys[@]}"; do
  echo "time: $time, key: ${user_keys[$time]}"
done
Thanks! But when I run that exact code, I get this error:

Code:
jq: error: Could not open file \n: No such file or directory
How can I add a newline to a jq query?

Last edited by bluethundr; 07-06-2018 at 12:53 PM.
 
Old 07-06-2018, 01:16 PM   #4
keefaz
LQ Guru
 
Registered: Mar 2004
Distribution: Slackware
Posts: 6,230

Rep: Reputation: 724Reputation: 724Reputation: 724Reputation: 724Reputation: 724Reputation: 724Reputation: 724
I don't know jq, I copied program parameters from your loop example.
I notice now that it's different from your first example though

Try changing the longFunction to:
Code:
longCommand() {
    aws iam list-access-keys --user-name $1 --profile=prod \
| jq -r '.AccessKeyMetadata[] | (.AccessKeyId, .CreateDate)'
}
 
Old 07-06-2018, 01:29 PM   #5
bluethundr
Member
 
Registered: Jun 2003
Location: Summit, NJ
Distribution: CentOS 5.4
Posts: 142

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by keefaz View Post
I don't know jq, I copied program parameters from your loop example.
I notice now that it's different from your first example though

Try changing the longFunction to:
Code:
longCommand() {
    aws iam list-access-keys --user-name $1 --profile=prod \
| jq -r '.AccessKeyMetadata[] | (.AccessKeyId, .CreateDate)'
}
Ok, no problem. I'll give that a shot. Thanks for your help!
 
Old 08-22-2018, 02:30 PM   #6
bluethundr
Member
 
Registered: Jun 2003
Location: Summit, NJ
Distribution: CentOS 5.4
Posts: 142

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by bluethundr View Post
Ok, no problem. I'll give that a shot. Thanks for your help!
That works! Thanks!
 
Old 08-23-2018, 04:19 PM   #7
MadeInGermany
Senior Member
 
Registered: Dec 2011
Location: Simplicity
Posts: 1,197

Rep: Reputation: 547Reputation: 547Reputation: 547Reputation: 547Reputation: 547Reputation: 547
In your original post, replace
Code:
   for i in "$user_keys"
   do 
     echo "$user_keys"
   done
with
Code:
   for i in "${user_keys[@]}"
   do 
     echo "$i"
   done
 
  


Reply

Tags
aws, bash, bash loop, bash script $@


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Bash - find number of keys in particular array unclesamcrazy Linux - Newbie 13 05-04-2016 11:31 AM
[SOLVED] Help counting elements from an array in Bash Script. pampers Programming 3 04-15-2013 08:08 AM
[SOLVED] Read correctly bash array with spaces in its elements cgcamal Programming 4 10-05-2011 10:46 PM
Bash - Searching strings for array elements... Phier Programming 18 05-09-2010 04:37 AM
Renaming array elements in bash bryan.out.there Programming 2 05-31-2006 11:44 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 02:18 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration