cloudmapper Separate out new principals from ones that have not been used for 90 days in the IAM report

Separate out new principals from ones that have not been used for 90 days in the IAM report

Open 0xdabbad00 opened this issue 4 years ago • 2 comments

Dec 10 '20 15:12 0xdabbad00

A simple way of doing this is adding the following to https://github.com/duo-labs/cloudmapper/blob/4f5ec6f6eaffdef4c8d14a628215747b548fbc2d/commands/iam_report.py#L104

created = datetime.datetime.strptime(principal_auth["CreateDate"][0:10], "%Y-%m-%d")
        principal_age = (job_completion_date - created).days

        if principal_age < args.max_age:
            stats["is_inactive"] = False

Dec 10 '20 15:12 0xdabbad00

Also add those lines here: https://github.com/duo-labs/cloudmapper/blob/4f5ec6f6eaffdef4c8d14a628215747b548fbc2d/shared/common.py#L404

with s/args.max_age/max_age/

Dec 10 '20 15:12 0xdabbad00

cloudmapper cloudmapper copied to clipboard

Separate out new principals from ones that have not been used for 90 days in the IAM report

cloudmapper
cloudmapper copied to clipboard