{"id":18864441,"url":"https://github.com/spirosoik/credentials-janitor","last_synced_at":"2025-04-14T13:13:58.333Z","repository":{"id":41363966,"uuid":"338809624","full_name":"spirosoik/credentials-janitor","owner":"spirosoik","description":"A lambda function which detects and remove unused IAM credentials in AWS","archived":false,"fork":false,"pushed_at":"2021-02-15T15:04:17.000Z","size":41,"stargazers_count":7,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-03-28T02:23:42.043Z","etag":null,"topics":["aws","aws-lambda","devops-tools","golang","iam"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/spirosoik.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2021-02-14T13:18:08.000Z","updated_at":"2024-01-06T17:38:00.000Z","dependencies_parsed_at":"2022-09-05T13:10:27.413Z","dependency_job_id":null,"html_url":"https://github.com/spirosoik/credentials-janitor","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spirosoik%2Fcredentials-janitor","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spirosoik%2Fcredentials-janitor/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spirosoik%2Fcredentials-janitor/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/spirosoik%2Fcredentials-janitor/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/spirosoik","download_url":"https://codeload.github.com/spirosoik/credentials-janitor/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248886329,"owners_count":21177644,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","aws-lambda","devops-tools","golang","iam"],"created_at":"2024-11-08T04:41:19.253Z","updated_at":"2025-04-14T13:13:58.284Z","avatar_url":"https://github.com/spirosoik.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# credentials-janitor\nA lambda function which detects and remove unused IAM  credentials for AWS users.\n\n## Purpose\n\nRespecting security we need to remove IAM user credentials that are not\nused anymore and notify them back that we revoked their credentials (login profile + access keys).\n\n## How To\n\nWe are going to schedule a CloudWatch event to invoke the lambda function periodically. Lambda function\nwill do the listing and will check when they used last time the login profile and access keys. The max time\nis configurable as environment variable which can be passed in the lambda deployment.\n\n### Architecture\n\n![Architecture](assets/architecture_janitor.png)\n\n## Deploy\n\n```\nmake\n```\n\nThe above will run the followings:\n- Build Binary for lambda\n- Prepare the artifact for Lambda\n- Upload Lambda to provided S3 bucket\n- Apply terraform (note: you need to provide env vars for terraform or use your own `.tfvars`)\n\nFor terraform details you can read the [documentation](terraform/aws/README.md)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fspirosoik%2Fcredentials-janitor","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fspirosoik%2Fcredentials-janitor","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fspirosoik%2Fcredentials-janitor/lists"}