Bang was initially developed as a personal project to help automate the AWS IAM access key rotation process. Keep in mind that the tool is not perfect.
# Clone this repository
git clone https://github.com/yourusername/bang.git
cd bang
# Install dependencies
pip install boto3
# Make the script executable
chmod +x main.pyThe simplest way to use Bang is with default settings:
./main.pyThis command will:
- Detect your current AWS user
- Rotate the access keys for that user
- Update your default profile in ~/.aws/credentials
- Deactivate your old key
- Schedule the old key for deletion after 7 days
- Rotate keys for a specific profile:
./main.py --profile production- Rotate keys for a specific user:
./main.py --user admin-user- Delete old keys immediately with no grace period:
./main.py --grace-period 0- Force rotation when a user already has two keys:
./main.py --forceYou can set up scheduled key rotation using cron or other scheduling tools:
# Example cron entry to rotate keys every 90 days
0 0 1 */3 * /path/to/main.py --profile default >> /var/log/key-rotation.log 2>&1