Get data about the last use of an IAM access key using an AWS SDK - AWS SDK Code Examples

There are more AWS SDK examples available in the AWS Doc SDK Examples GitHub repo.

Get data about the last use of an IAM access key using an AWS SDK

The following code examples show how to get data about the last use of an IAM access key.

C++
SDK for C++
Note

There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository.

bool AwsDoc::IAM::accessKeyLastUsed(const Aws::String &secretKeyID, const Aws::Client::ClientConfiguration &clientConfig) { Aws::IAM::IAMClient iam(clientConfig); Aws::IAM::Model::GetAccessKeyLastUsedRequest request; request.SetAccessKeyId(secretKeyID); Aws::IAM::Model::GetAccessKeyLastUsedOutcome outcome = iam.GetAccessKeyLastUsed( request); if (!outcome.IsSuccess()) { std::cerr << "Error querying last used time for access key " << secretKeyID << ":" << outcome.GetError().GetMessage() << std::endl; } else { Aws::String lastUsedTimeString = outcome.GetResult() .GetAccessKeyLastUsed() .GetLastUsedDate() .ToGmtString(Aws::Utils::DateFormat::ISO_8601); std::cout << "Access key " << secretKeyID << " last used at time " << lastUsedTimeString << std::endl; } return outcome.IsSuccess(); }
JavaScript
SDK for JavaScript V3
Note

There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository.

Create the client.

import { IAMClient } from "@aws-sdk/client-iam"; // Set the AWS Region. const REGION = "REGION"; // For example, "us-east-1". // Create an IAM service client object. const iamClient = new IAMClient({ region: REGION }); export { iamClient };

Get the access key.

// Import required AWS SDK clients and commands for Node.js. import { iamClient } from "./libs/iamClient.js"; import { GetAccessKeyLastUsedCommand } from "@aws-sdk/client-iam"; // Set the parameters. export const params = { AccessKeyId: "ACCESS_KEY_ID" }; //ACCESS_KEY_ID export const run = async () => { try { const data = await iamClient.send(new GetAccessKeyLastUsedCommand(params)); console.log("Success", data); return data; } catch (err) { console.log("Error", err); } }; run();
SDK for JavaScript V2
Note

There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository.

// Load the AWS SDK for Node.js var AWS = require('aws-sdk'); // Set the region AWS.config.update({region: 'REGION'}); // Create the IAM service object var iam = new AWS.IAM({apiVersion: '2010-05-08'}); iam.getAccessKeyLastUsed({AccessKeyId: 'ACCESS_KEY_ID'}, function(err, data) { if (err) { console.log("Error", err); } else { console.log("Success", data.AccessKeyLastUsed); } });
Python
SDK for Python (Boto3)
Note

There's more on GitHub. Find the complete example and learn how to set up and run in the AWS Code Examples Repository.

def get_last_use(key_id): """ Gets information about when and how a key was last used. :param key_id: The ID of the key to look up. :return: Information about the key's last use. """ try: response = iam.meta.client.get_access_key_last_used(AccessKeyId=key_id) last_used_date = response['AccessKeyLastUsed'].get('LastUsedDate', None) last_service = response['AccessKeyLastUsed'].get('ServiceName', None) logger.info( "Key %s was last used by %s on %s to access %s.", key_id, response['UserName'], last_used_date, last_service) except ClientError: logger.exception("Couldn't get last use of key %s.", key_id) raise else: return response