用于 MFA 强制实施和访问密钥停用的自动化 AWS IAM 合规工作流
高级
这是一个 SecOps、Multimodal AI 领域的自动化工作流,包含 19 个节点,主要使用 Code、Slack、AwsIam、Filter、HttpRequest 等节点。AWS IAM 合规自动化:强制 MFA 并清理访问密钥——按计划列出 IAM 用户,对未配置 MFA 设备的用户在 Slack 中发出警告,并在 Slack 审批后将其处于 Active 状态的访问密钥设为 Inactive。
前置要求
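- Slack Bot Token 或 Webhook URL(导出的配置中,Slack 节点使用的是 OAuth2 凭证)
- AWS Access Key 和 Secret(建议使用专用的 IAM 身份,仅授予 iam:ListUsers、iam:ListMFADevices、iam:ListAccessKeys、iam:UpdateAccessKey 权限,不要使用管理员或 root 凭证)
- 可能需要目标 API 的认证凭证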
导出工作流
复制以下 JSON 配置并导入 n8n。启用前,请先将其中的 AWS 与 Slack 凭证、Slack 频道(it-support)和审批人替换为您自己环境中的值。
{
"id": "Q0EjgXk8j2ygOvy5",
"meta": {
"instanceId": "4a2e6764ba7a6bc9890d9225f4b21d570ce88fc9bd57549c89057fcee58fed0f",
"templateCredsSetupCompleted": true
},
"name": "用于 MFA 强制实施和访问密钥停用的自动化 AWS IAM 合规工作流",
"tags": [
{
"id": "hvp6nueQ4hpIJWbY",
"name": "aws",
"createdAt": "2025-08-17T05:47:27.209Z",
"updatedAt": "2025-08-17T05:47:27.209Z"
}
],
"nodes": [
{
"id": "e0c92177-d85f-45c1-b0a6-bcb7e9b424e1",
"name": "获取多个用户",
"type": "n8n-nodes-base.awsIam",
"position": [
-224,
-48
],
"parameters": {
"returnAll": true,
"requestOptions": {},
"additionalFields": {}
},
"credentials": {
"aws": {
"id": "d62669OP9bvnmE4n",
"name": "us-east-1"
}
},
"typeVersion": 1
},
{
"id": "7b14679e-4c0d-42bc-904f-41c8f2e3d957",
"name": "便签",
"type": "n8n-nodes-base.stickyNote",
"position": [
-1536,
-592
],
"parameters": {
"width": 976,
"height": 1200,
"content": "# 用于 MFA 强制实施和访问密钥停用的自动化 AWS IAM 合规工作流"
},
"typeVersion": 1
},
{
"id": "9234cd35-9728-47de-96c8-1eb5c4ffb354",
"name": "便签1",
"type": "n8n-nodes-base.stickyNote",
"position": [
-528,
-208
],
"parameters": {
"width": 256,
"height": 144,
"content": "### 1. 调度工作流"
},
"typeVersion": 1
},
{
"id": "9d2fff11-c252-45f8-af8b-e18761fed2a6",
"name": "便签2",
"type": "n8n-nodes-base.stickyNote",
"position": [
-320,
128
],
"parameters": {
"width": 304,
"height": 128,
"content": "### 2. 👥 获取所有 IAM 用户"
},
"typeVersion": 1
},
{
"id": "e5535511-2750-45dd-bd7b-1daf18d41842",
"name": "便签3",
"type": "n8n-nodes-base.stickyNote",
"position": [
-96,
-240
],
"parameters": {
"width": 288,
"height": 144,
"content": "### 3. 🔐 获取 IAM 用户 MFA 设备"
},
"typeVersion": 1
},
{
"id": "9714750e-365f-40fb-a917-7dfbce8d1803",
"name": "便签4",
"type": "n8n-nodes-base.stickyNote",
"position": [
384,
224
],
"parameters": {
"width": 368,
"height": 128,
"content": ""
},
"typeVersion": 1
},
{
"id": "bee26e8e-3f62-44e0-abf1-2a42b293ae75",
"name": "便签 7",
"type": "n8n-nodes-base.stickyNote",
"position": [
1280,
-144
],
"parameters": {
"width": 608,
"content": ""
},
"typeVersion": 1
},
{
"id": "f98f864f-2efa-4246-93ab-a45667751d7a",
"name": "便利贴5",
"type": "n8n-nodes-base.stickyNote",
"position": [
368,
-320
],
"parameters": {
"width": 272,
"content": "### 4. 💬 发送警告消息"
},
"typeVersion": 1
},
{
"id": "ccbe9813-0aa1-410c-b389-abe678fa1d25",
"name": "获取 IAM 用户 MFA 设备",
"type": "n8n-nodes-base.httpRequest",
"position": [
0,
-48
],
"parameters": {
"url": "=https://iam.amazonaws.com/?Action=ListMFADevices&UserName={{ $json.UserName }}&Version=2010-05-08",
"options": {},
"authentication": "predefinedCredentialType",
"nodeCredentialType": "aws"
},
"credentials": {
"aws": {
"id": "d62669OP9bvnmE4n",
"name": "us-east-1"
}
},
"typeVersion": 4.2
},
{
"id": "60809479-ea5c-4446-aa70-5c6d841d09ea",
"name": "过滤掉已配置 MFA 设备的 IAM 用户",
"type": "n8n-nodes-base.filter",
"position": [
224,
-48
],
"parameters": {
"options": {},
"conditions": {
"options": {
"version": 2,
"leftValue": "",
"caseSensitive": true,
"typeValidation": "strict"
},
"combinator": "and",
"conditions": [
{
"id": "2853872a-825b-4f59-8b4b-358cac8b197b",
"operator": {
"type": "array",
"operation": "empty",
"singleValue": true
},
"leftValue": "={{ $json.ListMFADevicesResponse.ListMFADevicesResult.MFADevices }}",
"rightValue": "Active"
}
]
}
},
"typeVersion": 2.2
},
{
"id": "5a499cf2-b352-4e15-93ee-03ce2d0df32d",
"name": "获取用户访问密钥",
"type": "n8n-nodes-base.httpRequest",
"position": [
448,
48
],
"parameters": {
"url": "=https://iam.amazonaws.com/?Action=ListAccessKeys&UserName={{ $('Get many users').item.json.UserName }}&Version=2010-05-08",
"options": {},
"authentication": "predefinedCredentialType",
"nodeCredentialType": "aws"
},
"credentials": {
"aws": {
"id": "d62669OP9bvnmE4n",
"name": "us-east-1"
}
},
"typeVersion": 4.2
},
{
"id": "77d5914f-44dd-4267-be75-f960f477702d",
"name": "每日调度器",
"type": "n8n-nodes-base.scheduleTrigger",
"position": [
-448,
-48
],
"parameters": {
"rule": {
"interval": [
{}
]
}
},
"typeVersion": 1.2
},
{
"id": "f0b5101b-e521-45d9-9d93-9bcffa3a1702",
"name": "发送警告消息",
"type": "n8n-nodes-base.slack",
"position": [
448,
-144
],
"webhookId": "7c4ae1f3-4589-484f-b55e-0e74b920044a",
"parameters": {
"text": "=⚠️ Security Warning\nThe system has detected that user {{ $('Get many users').item.json.UserName }}, created on {{ $('Get many users').item.json.CreateDate.toDateTime('s') }}, does not have an MFA (Multi-Factor Authentication) device enabled.\nPlease enable MFA immediately to comply with security best practices.",
"select": "channel",
"channelId": {
"__rl": true,
"mode": "list",
"value": "C097VAKKPUP",
"cachedResultName": "it-support"
},
"otherOptions": {},
"authentication": "oAuth2"
},
"credentials": {
"slackOAuth2Api": {
"id": "4JSKt9sIRV1KGswQ",
"name": "Slack account"
}
},
"typeVersion": 2.3
},
{
"id": "33fec879-44f5-4b87-aa36-976f440a8cd4",
"name": "停用访问密钥",
"type": "n8n-nodes-base.httpRequest",
"position": [
1328,
48
],
"parameters": {
"url": "=https://iam.amazonaws.com/?Action=UpdateAccessKey&UserName={{ $json.UserName }}&AccessKeyId={{ $json.AccessKeyId }}&Status=Inactive&Version=2010-05-08",
"options": {},
"authentication": "predefinedCredentialType",
"nodeCredentialType": "aws"
},
"credentials": {
"aws": {
"id": "d62669OP9bvnmE4n",
"name": "us-east-1"
}
},
"typeVersion": 4.2
},
{
"id": "5d112ea5-aff9-4a4e-aa4b-835847a70fb3",
"name": "过滤非活跃密钥",
"type": "n8n-nodes-base.filter",
"position": [
896,
48
],
"parameters": {
"options": {},
"conditions": {
"options": {
"version": 2,
"leftValue": "",
"caseSensitive": true,
"typeValidation": "strict"
},
"combinator": "and",
"conditions": [
{
"id": "2853872a-825b-4f59-8b4b-358cac8b197b",
"operator": {
"type": "string",
"operation": "equals"
},
"leftValue": "={{ $json.Status }}",
"rightValue": "Active"
}
]
}
},
"typeVersion": 2.2
},
{
"id": "96034aab-7108-4dc8-a525-074ea63b5f3a",
"name": "解析用户访问密钥列表",
"type": "n8n-nodes-base.code",
"position": [
672,
48
],
"parameters": {
"jsCode": "const items = await $input.all();\nconst results = [];\n\nfor (const item of items) {\n const accessKeys = item.json?.ListAccessKeysResponse?.ListAccessKeysResult?.AccessKeyMetadata || [];\n\n for (const key of accessKeys) {\n results.push({\n json: {\n UserName: key.UserName,\n AccessKeyId: key.AccessKeyId,\n Status: key.Status,\n CreateDate: new Date(key.CreateDate * 1000).toISOString(),\n }\n });\n }\n}\n\nreturn results.length > 0\n ? results\n : [{ json: { warning: 'No access keys found in input data' } }];"
},
"typeVersion": 2
},
{
"id": "f62c4dac-f501-49ca-962a-20dad60cca72",
"name": "便签 6",
"type": "n8n-nodes-base.stickyNote",
"position": [
1520,
48
],
"parameters": {
"width": 400,
"height": 128,
"content": "### 6. 🔒 停用访问密钥"
},
"typeVersion": 1
},
{
"id": "e96b7315-a7c9-4fdf-b2cd-dd7ceebd6cd4",
"name": "发送消息并等待响应",
"type": "n8n-nodes-base.slack",
"position": [
1136,
48
],
"webhookId": "2c7c3227-a44d-4fa2-a390-00c30b11e800",
"parameters": {
"user": {
"__rl": true,
"mode": "list",
"value": "U054RMBTVBM",
"cachedResultName": "trung.tran"
},
"message": "=⚠️ *Access Key Deactivation Request*\nUser *`{{ $json.UserName }}`* does not have MFA enabled.\nThey have active access key(s) that may pose a security risk.\nDo you approve disabling the access key *`{{ $json.AccessKeyId }}`*?",
"options": {
"limitWaitTime": {
"values": {
"resumeUnit": "minutes",
"resumeAmount": 60
}
}
},
"operation": "sendAndWait",
"authentication": "oAuth2",
"approvalOptions": {
"values": {
"approvalType": "double"
}
}
},
"credentials": {
"slackOAuth2Api": {
"id": "4JSKt9sIRV1KGswQ",
"name": "Slack account"
}
},
"typeVersion": 2.3
},
{
"id": "807d2857-7a94-4a93-8943-5987497daf13",
"name": "便签8",
"type": "n8n-nodes-base.stickyNote",
"position": [
928,
224
],
"parameters": {
"width": 464,
"height": 176,
"content": ""
},
"typeVersion": 1
}
],
"active": false,
"pinData": {},
"settings": {
"executionOrder": "v1"
},
"versionId": "16313843-f027-42f1-a3dd-e8e0be8ad28a",
"connections": {
"Get many users": {
"main": [
[
{
"node": "Get IAM User MFA Devices",
"type": "main",
"index": 0
}
]
]
},
"Daily scheduler": {
"main": [
[
{
"node": "Get many users",
"type": "main",
"index": 0
}
]
]
},
"Get User Access Key(s)": {
"main": [
[
{
"node": "Parse the list of user access key(s)",
"type": "main",
"index": 0
}
]
]
},
"Deactivate Access Key(s)": {
"main": [
[]
]
},
"Filter out inactive keys": {
"main": [
[
{
"node": "Send message and wait for response",
"type": "main",
"index": 0
}
]
]
},
"Get IAM User MFA Devices": {
"main": [
[
{
"node": "Filter out IAM user with MFA device",
"type": "main",
"index": 0
}
]
]
},
"Send message and wait for response": {
"main": [
[
{
"node": "Deactivate Access Key(s)",
"type": "main",
"index": 0
}
]
]
},
"Filter out IAM user with MFA device": {
"main": [
[
{
"node": "Send warning message(s)",
"type": "main",
"index": 0
},
{
"node": "Get User Access Key(s)",
"type": "main",
"index": 0
}
]
]
},
"Parse the list of user access key(s)": {
"main": [
[
{
"node": "Filter out inactive keys",
"type": "main",
"index": 0
}
]
]
}
}
}
常见问题
如何使用这个工作流?
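复制上方的 JSON 配置代码,在您的 n8n 实例中创建新工作流并选择「从 JSON 导入」,粘贴配置后根据需要修改凭证设置即可。注意:此配置中 nodes 的节点名称已被翻译为中文,而 connections 和表达式(如 $('Get many users'))仍引用英文原名,导入后需将节点名称与这些引用对应起来,否则连线和表达式无法解析。另外,「发送消息并等待响应」节点直接连接到「停用访问密钥」,中间没有判断审批结果的节点;启用前请确认拒绝或 60 分钟超时不会同样触发停用,必要时在两者之间增加对审批结果的条件判断。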
这个工作流适合什么场景?
这是一个高级难度的工作流,适用于 SecOps、Multimodal AI 等场景。它适合高级用户,属于包含 16+ 个节点的复杂工作流。
需要付费吗?
本工作流完全免费,您可以直接导入使用。但请注意,工作流中使用的第三方服务(如 OpenAI API)可能需要您自行付费。
工作流信息
难度等级
高级
节点数量19
分类2
节点类型7
作者
Trung Tran
@trungtran — Empowering small and medium businesses with smart automation and practical AI, no big tech team required.