Skip to content
Typescript Library for Generating AWS IAM Credential Reports
TypeScript
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.vscode
dist
src
.gitignore
LICENSE
README.md
package-lock.json
package.json
tsconfig.json

README.md

AWSCredReport

npm docs

This is a small TS library which wraps the aws-sdk to assist in generating AWS Credential Reports.

What's Wrong With the AWS-SDK?

Nothing; but it could be made easier to work with.

First, the SDK includes two methods to create credential reports: GenerateCredentialReport and GetCredentialReport. Its an asynchronous operation, and while the time between generation and retrieval isn't usually too long, its still something callers need to think about.

Moreover, there's no method provided to determine the "status" of a "credential report generation" operation; so, if you were to call Generate, followed by Get, and there's no credential report ready, you'd need to retry. This library handles the retrying for you.

Finally, you're given it back as a CSV-encoded buffer. This library fixes that for you; it'll parse the CSV, and return back a useful data structure.

Usage

import { AWSCredReportClient } from "@mhoc/aws-cred-report";

const main = async () => {
  const client = new AWSCredReportClient();
  const report = await client.generateCredentialReport();
  for (const user of report.users) {
    console.log(`${user.username} mfa status: ${user.mfaActive}`);
    if (user.isRoot && !user.mfaActive) {
      console.log("root account has no mfa active!")
    }
  }
}
You can’t perform that action at this time.