2022-04-14 13:35:10 +00:00
|
|
|
#!/bin/bash
|
|
|
|
#set -x
|
|
|
|
|
2022-04-19 14:26:09 +00:00
|
|
|
MY_ACCOUNT=$(aws sts get-caller-identity --output json | jq -r .Account)
|
2022-04-14 13:35:10 +00:00
|
|
|
|
|
|
|
for r in $(aws ec2 describe-regions --query "Regions[].{Name:RegionName}" --output text); do
|
2022-04-19 14:26:09 +00:00
|
|
|
keyAlias="arn:aws:kms:${r}:${MY_ACCOUNT}:alias/zdt/amis"
|
|
|
|
keyArn=$(aws kms describe-key --region $r --key-id $keyAlias --output json 2>/dev/null | jq -r '.KeyMetadata.Arn')
|
2022-04-14 13:35:10 +00:00
|
|
|
|
2022-04-19 14:26:09 +00:00
|
|
|
if [ -n "$keyArn" ]; then
|
|
|
|
aws kms list-grants --region $r --key-id $keyArn --output json | jq '.Grants[]'
|
2022-04-14 13:35:10 +00:00
|
|
|
fi
|
|
|
|
done
|