queirozsc
8/30/2017 - 6:32 PM
Automatic Backups for Your AWS Account's IAM Configuration https://www.aaronmedacco.com/blog/post/2017/01/23/automatic-backups-for-your-aws-
Automatic Backups for Your AWS Account's IAM Configuration https://www.aaronmedacco.com/blog/post/2017/01/23/automatic-backups-for-your-aws-account-s-iam-configuration
var AWS = require("aws-sdk");
exports.handler = (event, context, callback) => {
var iam = new AWS.IAM();
var s3 = new AWS.S3();
var params = {};
iam.getAccountAuthorizationDetails(params, function(err, data){
if (err) {
console.log(err, err.stack);
}
else {
var today = new Date();
var dd = today.getDate();
var mm = today.getMonth()+1;
var yyyy = today.getFullYear();
if (dd < 10) {
dd = "0" + dd;
}
if (mm < 10) {
mm = "0" + mm;
}
var destinationBucket = "Your Bucket Name";
var objectName = yyyy.toString() + "-" + mm.toString() + "-" + dd.toString() + "-" + "IAM-Config-Backup.json";
var body = JSON.stringify(data);
var uploadParam = { Bucket: destinationBucket, Key: objectName, Body: body, ContentType: "application/json", StorageClass: "STANDARD" };
s3.upload(uploadParam, function(err, data) {
if (err) {
console.log(err, err.stack);
} else{
console.log("IAM configuration backup upload successful.")
}
});
}
});
};{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"iam:GetAccountAuthorizationDetails"
],
"Resource": [
"*"
]
},
{
"Effect": "Allow",
"Action": [
"s3:PutObject"
],
"Resource": [
"arn:aws:s3:::Your Bucket ARN/*"
]
}
]
}