Trung Tran This workflow corresponds to n8n.io template #7501 — we link there as the canonical source.
This workflow follows the HTTP Request → Slack recipe pattern — see all workflows that pair these two integrations.
The workflow JSON
Copy or download the full n8n JSON below. Paste it into a new n8n workflow, add your credentials, activate. Full import guide →
{
"id": "Q0EjgXk8j2ygOvy5",
"meta": {
"templateCredsSetupCompleted": true
},
"name": "AWS IAM Access Key Rotation Reminder Automation Workflow",
"tags": [
{
"id": "hvp6nueQ4hpIJWbY",
"name": "aws",
"createdAt": "2025-08-17T05:47:27.209Z",
"updatedAt": "2025-08-17T05:47:27.209Z"
}
],
"nodes": [
{
"id": "77d5914f-44dd-4267-be75-f960f477702d",
"name": "Weekly scheduler",
"type": "n8n-nodes-base.scheduleTrigger",
"position": [
-448,
16
],
"parameters": {
"rule": {
"interval": [
{
"field": "weeks"
}
]
}
},
"typeVersion": 1.2
},
{
"id": "e0c92177-d85f-45c1-b0a6-bcb7e9b424e1",
"name": "Get many users",
"type": "n8n-nodes-base.awsIam",
"position": [
-224,
16
],
"parameters": {
"returnAll": true,
"requestOptions": {},
"additionalFields": {}
},
"credentials": {
"aws": {
"name": "<your credential>"
}
},
"typeVersion": 1
},
{
"id": "d019ce1c-ce14-42df-856a-fc9dcaaf533f",
"name": "No Operation, do nothing",
"type": "n8n-nodes-base.noOp",
"position": [
672,
112
],
"parameters": {},
"typeVersion": 1
},
{
"id": "f0b5101b-e521-45d9-9d93-9bcffa3a1702",
"name": "Send a message",
"type": "n8n-nodes-base.slack",
"position": [
672,
-80
],
"parameters": {
"text": "=:warning: Access key for {{ $json.ListAccessKeysResponse.ListAccessKeysResult.AccessKeyMetadata[0].UserName }} is {{ $json.ListAccessKeysResponse.ListAccessKeysResult.AccessKeyMetadata[0].CreateDate.toDateTime('s').diffTo($now, 'days').ceil().abs() }} days old \u2014 rotate soon.",
"user": {
"__rl": true,
"mode": "list",
"value": "U054RMBTVBM",
"cachedResultName": "trung.tran"
},
"select": "user",
"otherOptions": {},
"authentication": "oAuth2"
},
"credentials": {
"slackOAuth2Api": {
"name": "<your credential>"
}
},
"typeVersion": 2.3
},
{
"id": "7b14679e-4c0d-42bc-904f-41c8f2e3d957",
"name": "Sticky Note",
"type": "n8n-nodes-base.stickyNote",
"position": [
-1536,
-592
],
"parameters": {
"width": 976,
"height": 1008,
"content": "# AWS IAM Access Key Rotation Reminder Automation Workflow\n\n## **Who\u2019s it for**\n- DevOps/SRE teams responsible for AWS account security. \n- Security/compliance officers ensuring key rotation policies are followed. \n- Any AWS account owner who wants automatic detection of stale access keys. \n\n## **How it works / What it does**\n1. **Weekly Scheduler** \u2014 triggers the workflow on a recurring basis. \n2. **Get Many Users** \u2014 fetches all IAM users in the AWS account. \n3. **Get User Access Key(s)** \u2014 retrieves the access keys associated with each user. \n4. **Filter Out Inactive Keys** \u2014 removes keys that are not active (e.g., status `Inactive`). \n5. **Access Key Older Than 365 Days** \u2014 checks the key creation date and flags keys older than one year. \n6. **Send Slack Message** \u2014 notifies a Slack channel with details of the outdated key(s) for review and action. \n7. **No Operation** \u2014 safely ends the workflow if no keys match the condition. \n\n## **How to set up**\n- Configure the **Weekly Scheduler** to run at your desired cadence (e.g., every Monday). \n- Use **Get Many Users** to list all IAM users. \n- For each user, call **ListAccessKeys** (`Get User Access Key(s)`) to fetch their key metadata. \n- Apply a filter to keep only keys with status `Active`. \n- Add a condition to compare `CreateDate` against `today - 365 days`. \n- Send results to Slack using the **Slack Post Message** node. \n\n## **Requirements**\n- n8n (latest version). \n- AWS credential in n8n configured for **us-east-1** (IAM requires signing with this region). \n- IAM permissions: \n - `iam:ListUsers` \n - `iam:ListAccessKeys` \n- Slack bot credentials with permission to post messages in the desired channel. \n\n## **How to customize the workflow**\n- **Change threshold** \u2014 adjust the `365 days` condition to 90, 180, or any other rotation policy. \n- **Escalation** \u2014 mention `@security` or create a Jira/Ticket when old keys are found. \n- **Logging** \u2014 push flagged results into a Google Sheet, database, or log management system for audit. \n- **Automation** \u2014 instead of only notifying, add a step to automatically deactivate keys older than the threshold (after approval). \n- **Multi-account support** \u2014 duplicate or loop across multiple AWS credentials if you manage several AWS accounts. "
},
"typeVersion": 1
},
{
"id": "9234cd35-9728-47de-96c8-1eb5c4ffb354",
"name": "Sticky Note1",
"type": "n8n-nodes-base.stickyNote",
"position": [
-512,
-144
],
"parameters": {
"height": 112,
"content": "### 1. Schedule Workflow\nRun the workflow on a weekly schedule to automatically check all IAM users."
},
"typeVersion": 1
},
{
"id": "9d2fff11-c252-45f8-af8b-e18761fed2a6",
"name": "Sticky Note2",
"type": "n8n-nodes-base.stickyNote",
"position": [
-208,
192
],
"parameters": {
"width": 304,
"height": 112,
"content": "\n### 2. Retrieve IAM Users and Access Keys\nFetch all IAM users and list their associated access keys."
},
"typeVersion": 1
},
{
"id": "e5535511-2750-45dd-bd7b-1daf18d41842",
"name": "Sticky Note3",
"type": "n8n-nodes-base.stickyNote",
"position": [
112,
-144
],
"parameters": {
"width": 256,
"height": 96,
"content": "### 3. Filter Keys\nRemove inactive keys and keep only those that are active."
},
"typeVersion": 1
},
{
"id": "9714750e-365f-40fb-a917-7dfbce8d1803",
"name": "Sticky Note4",
"type": "n8n-nodes-base.stickyNote",
"position": [
336,
208
],
"parameters": {
"height": 112,
"content": "### 4. Check Key Age\nIdentify keys that are older than 365 days based on their creation date."
},
"typeVersion": 1
},
{
"id": "bee26e8e-3f62-44e0-abf1-2a42b293ae75",
"name": "Sticky Note7",
"type": "n8n-nodes-base.stickyNote",
"position": [
896,
-64
],
"parameters": {
"width": 528,
"height": 112,
"content": ""
},
"typeVersion": 1
},
{
"id": "ccbe9813-0aa1-410c-b389-abe678fa1d25",
"name": "Get User Access Key(s)",
"type": "n8n-nodes-base.httpRequest",
"position": [
0,
16
],
"parameters": {
"url": "=https://iam.amazonaws.com/?Action=ListAccessKeys&UserName={{ $json.UserName }}&Version=2010-05-08",
"options": {},
"authentication": "predefinedCredentialType",
"nodeCredentialType": "aws"
},
"credentials": {
"aws": {
"name": "<your credential>"
}
},
"typeVersion": 4.2
},
{
"id": "60809479-ea5c-4446-aa70-5c6d841d09ea",
"name": "Filter out inactive keys",
"type": "n8n-nodes-base.filter",
"position": [
224,
16
],
"parameters": {
"options": {},
"conditions": {
"options": {
"version": 2,
"leftValue": "",
"caseSensitive": true,
"typeValidation": "strict"
},
"combinator": "and",
"conditions": [
{
"id": "2853872a-825b-4f59-8b4b-358cac8b197b",
"operator": {
"type": "string",
"operation": "equals"
},
"leftValue": "={{ $json.ListAccessKeysResponse.ListAccessKeysResult.AccessKeyMetadata[0].Status }}",
"rightValue": "Active"
}
]
}
},
"typeVersion": 2.2
},
{
"id": "b58b0157-cd92-4e49-b6e9-739269329775",
"name": "Access Key Older Than 365 days ",
"type": "n8n-nodes-base.if",
"position": [
448,
16
],
"parameters": {
"options": {},
"conditions": {
"options": {
"version": 2,
"leftValue": "",
"caseSensitive": true,
"typeValidation": "strict"
},
"combinator": "and",
"conditions": [
{
"id": "93641224-b6d2-4db1-8537-d85b1bbff56d",
"operator": {
"type": "dateTime",
"operation": "before"
},
"leftValue": "={{ $json.ListAccessKeysResponse.ListAccessKeysResult.AccessKeyMetadata[0].CreateDate.toDateTime('s') }}",
"rightValue": "={{ $today.minus(365,'days') }}"
}
]
}
},
"typeVersion": 2.2
},
{
"id": "f98f864f-2efa-4246-93ab-a45667751d7a",
"name": "Sticky Note5",
"type": "n8n-nodes-base.stickyNote",
"position": [
640,
-224
],
"parameters": {
"height": 112,
"content": "### 5. Notify via Slack\nSend a Slack message with details of any outdated keys for review and action."
},
"typeVersion": 1
}
],
"active": false,
"settings": {
"executionOrder": "v1"
},
"versionId": "9cfdc756-fa57-40df-b849-4e445cfe6631",
"connections": {
"Get many users": {
"main": [
[
{
"node": "Get User Access Key(s)",
"type": "main",
"index": 0
}
]
]
},
"Weekly scheduler": {
"main": [
[
{
"node": "Get many users",
"type": "main",
"index": 0
}
]
]
},
"Get User Access Key(s)": {
"main": [
[
{
"node": "Filter out inactive keys",
"type": "main",
"index": 0
}
]
]
},
"Filter out inactive keys": {
"main": [
[
{
"node": "Access Key Older Than 365 days ",
"type": "main",
"index": 0
}
]
]
},
"Access Key Older Than 365 days ": {
"main": [
[
{
"node": "Send a message",
"type": "main",
"index": 0
}
],
[
{
"node": "No Operation, do nothing",
"type": "main",
"index": 0
}
]
]
}
}
}
Credentials you'll need
Each integration node will prompt for credentials when you import. We strip credential IDs before publishing — you'll add your own.
awsslackOAuth2Api
Pro
For the full experience including quality scoring and batch install features for each workflow upgrade to Pro
About this workflow
[](https://youtu.be/tW2y_dRvcs0) DevOps/SRE teams responsible for AWS account security. Security/compliance officers ensuring key rotation policies are followed. Any AWS account owner who wants automatic detection of stale access keys. Weekly Scheduler — triggers the workflow on…
Source: https://n8n.io/workflows/7501/ — original creator credit. Request a take-down →
Related workflows
Workflows that share integrations, category, or trigger type with this one. All free to copy and import.
> Weekly job that finds IAM users with no activity for > 90 days and notifies a Slack channel. > ⚠️ Important: AWS SigV4 for IAM must be scoped to **. Create the AWS credential in n8n with re
Aws Iam, Slack, HTTP Request
This workflow is designed for engineering teams, project managers, and IT operations who need consistent visibility into team availability across multiple projects. It’s perfect for organizations that
HTTP Request, Execute Workflow Trigger, Slack
This workflow is an automated system that tracks End-of-Life (EOL) dates for software and technologies used across your projects. It eliminates the need to manually monitor EOL dates in spreadsheets o
HTTP Request, Noco Db, Slack
This workflow continuously monitors the Meta Ads Library for new creatives from a specific competitor pages, logs them into Google Sheets, and sends a concise Telegram notification with the number of
HTTP Request, Telegram, Google Sheets +1
Enhance financial oversight with this automated n8n workflow. Triggered every 5 minutes, it fetches real-time bank transactions via an API, enriches and transforms the data, and applies smart logic to
HTTP Request, Email Send, Google Sheets +1