Keep an Eye on IAM Access Keys: The AWS IAM Scraper

December 29, 2025 • Cloud Security

Are you an AWS Guardian responsible for security? Then you should always keep an eye on your active IAM Access Keys in all accounts of your AWS organization.

In large AWS environments, it is often a challenge to keep track of all distributed access keys. A forgotten or too old key pair can quickly become a security risk.

A handy Java tool for security audits

To simplify this task, I have developed a small Java tool that does the job for you:

Organization-wide query: Automatically retrieves all account IDs in your AWS organization via the master account.
Detailed analysis: The tool reads all user access keys in each individual account.
CSV export: The results are output in CSV format directly to the console, ready for further processing in Excel or other audit tools.

Try it out now

You can either download the source code, build and run it yourself, or choose the easy way via the pre-built Docker image.

GitHub: AWS IAM Scraper

Conclusion

Security in the cloud begins with visibility. With the AWS IAM Scraper, you get a quick and uncomplicated overview of the status of your IAM credentials.

Questions, problems, or ideas? Just send me a message!

Check the security of your cloud environment?

We analyze your AWS organization and implement security standards according to best practices.

Request Security Check