#! /bin/bashWHITELIST=$(vault list -format=json auth/aws-ec2/identity-whitelis

1. #! /bin/bash
2.  
3. WHITELIST=$(vault list -format=json auth/aws-ec2/identity-whitelist | jq -r '.[]')
4.  
5. INSTANCES=$(aws ec2 describe-instances)
6. INSTANCE_LIST=$(echo $INSTANCES | jq -r '.Reservations[].Instances[] | .InstanceId')
7.  
8. for item in $WHITELIST; do
9. if echo $INSTANCE_LIST | grep -w $item > /dev/null; then
10. echo "Skipping..."
11. else
12. echo "Delete $item"
13. curl -X DELETE -H "X-VAULT-TOKEN: $VAULT_TOKEN" $VAULT_ADDR/v1/auth/aws-ec2/identity-whitelist/$item
14. fi
15. done