mirror of
https://github.com/ohmyzsh/ohmyzsh.git
synced 2024-11-25 15:20:08 +00:00
feat(aws): respect optional parameters from the AWS CLI config file (#9453)
This commit is contained in:
parent
9b119866dd
commit
ce836647e5
1 changed files with 16 additions and 9 deletions
|
@ -50,32 +50,39 @@ function acp() {
|
||||||
|
|
||||||
# First, if the profile has MFA configured, lets get the token and session duration
|
# First, if the profile has MFA configured, lets get the token and session duration
|
||||||
local mfa_serial="$(aws configure get mfa_serial --profile $profile)"
|
local mfa_serial="$(aws configure get mfa_serial --profile $profile)"
|
||||||
|
local sess_duration="$(aws configure get duration_seconds --profile $profile)"
|
||||||
|
|
||||||
if [[ -n "$mfa_serial" ]]; then
|
if [[ -n "$mfa_serial" ]]; then
|
||||||
local -a mfa_opt
|
local -a mfa_opt
|
||||||
local mfa_token sess_duration
|
local mfa_token
|
||||||
echo -n "Please enter your MFA token for $mfa_serial: "
|
echo -n "Please enter your MFA token for $mfa_serial: "
|
||||||
read -r mfa_token
|
read -r mfa_token
|
||||||
echo -n "Please enter the session duration in seconds (900-43200; default: 3600, which is the default maximum for a role): "
|
if [[ -z "$sess_duration" ]]; then
|
||||||
read -r sess_duration
|
echo -n "Please enter the session duration in seconds (900-43200; default: 3600, which is the default maximum for a role): "
|
||||||
|
read -r sess_duration
|
||||||
|
fi
|
||||||
mfa_opt=(--serial-number "$mfa_serial" --token-code "$mfa_token" --duration-seconds "${sess_duration:-3600}")
|
mfa_opt=(--serial-number "$mfa_serial" --token-code "$mfa_token" --duration-seconds "${sess_duration:-3600}")
|
||||||
|
|
||||||
# Now see whether we need to just MFA for the current role, or assume a different one
|
# Now see whether we need to just MFA for the current role, or assume a different one
|
||||||
local role_arn="$(aws configure get role_arn --profile $profile)"
|
local role_arn="$(aws configure get role_arn --profile $profile)"
|
||||||
|
local sess_name="$(aws configure get role_session_name --profile $profile)"
|
||||||
|
|
||||||
if [[ -n "$role_arn" ]]; then
|
if [[ -n "$role_arn" ]]; then
|
||||||
# Means we need to assume a specified role
|
# Means we need to assume a specified role
|
||||||
aws_command=(aws sts assume-role --role-arn "$role_arn" "${mfa_opt[@]}")
|
aws_command=(aws sts assume-role --role-arn "$role_arn" "${mfa_opt[@]}")
|
||||||
|
|
||||||
# Check whether external_id is configured to use while assuming the role
|
# Check whether external_id is configured to use while assuming the role
|
||||||
local external_id="$(aws configure get external_id --profile "$profile")"
|
local external_id="$(aws configure get external_id --profile $profile)"
|
||||||
if [[ -n "$external_id" ]]; then
|
if [[ -n "$external_id" ]]; then
|
||||||
aws_command+=(--external-id "$external_id")
|
aws_command+=(--external-id "$external_id")
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Get source profile to use to assume role
|
# Get source profile to use to assume role
|
||||||
local source_profile="$(aws configure get source_profile --profile "$profile")"
|
local source_profile="$(aws configure get source_profile --profile $profile)"
|
||||||
aws_command+=(--profile="${source_profile:-profile}" --role-session-name "${source_profile:-profile}")
|
if [[ -z "$sess_name" ]]; then
|
||||||
|
sess_name="${source_profile:-profile}"
|
||||||
|
fi
|
||||||
|
aws_command+=(--profile="${source_profile:-profile}" --role-session-name "${sess_name}")
|
||||||
|
|
||||||
echo "Assuming role $role_arn using profile ${source_profile:-profile}"
|
echo "Assuming role $role_arn using profile ${source_profile:-profile}"
|
||||||
else
|
else
|
||||||
|
@ -122,13 +129,13 @@ function aws_change_access_key() {
|
||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
echo Insert the credentials when asked.
|
echo "Insert the credentials when asked."
|
||||||
asp "$1" || return 1
|
asp "$1" || return 1
|
||||||
AWS_PAGER="" aws iam create-access-key
|
AWS_PAGER="" aws iam create-access-key
|
||||||
AWS_PAGER="" aws configure --profile "$1"
|
AWS_PAGER="" aws configure --profile "$1"
|
||||||
|
|
||||||
echo You can now safely delete the old access key running \`aws iam delete-access-key --access-key-id ID\`
|
echo "You can now safely delete the old access key running \`aws iam delete-access-key --access-key-id ID\`"
|
||||||
echo Your current keys are:
|
echo "Your current keys are:"
|
||||||
AWS_PAGER="" aws iam list-access-keys
|
AWS_PAGER="" aws iam list-access-keys
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue