mirror of
https://github.com/ohmyzsh/ohmyzsh.git
synced 2024-12-18 10:22:00 +00:00
feat(aws): accept aws mfa tokencode on acp
cli call (#10130)
Co-authored-by: Mike Mattice <mmattice@reliant.io>
This commit is contained in:
parent
22c11da108
commit
fe9d87d6dc
2 changed files with 9 additions and 7 deletions
|
@ -16,10 +16,10 @@ plugins=(... aws)
|
|||
Run `asp` without arguments to clear the profile.
|
||||
* `asp [<profile>] login`: If AWS SSO has been configured in your aws profile, it will run the `aws sso login` command following profile selection.
|
||||
|
||||
* `acp [<profile>]`: in addition to `asp` functionality, it actually changes the profile by
|
||||
assuming the role specified in the `<profile>` configuration. It supports MFA and sets
|
||||
`$AWS_ACCESS_KEY_ID`, `$AWS_SECRET_ACCESS_KEY` and `$AWS_SESSION_TOKEN`, if obtained. It
|
||||
requires the roles to be configured as per the
|
||||
* `acp [<profile>] [<mfa_token>]`: in addition to `asp` functionality, it actually changes
|
||||
the profile by assuming the role specified in the `<profile>` configuration. It supports
|
||||
MFA and sets `$AWS_ACCESS_KEY_ID`, `$AWS_SECRET_ACCESS_KEY` and `$AWS_SESSION_TOKEN`, if
|
||||
obtained. It requires the roles to be configured as per the
|
||||
[official guide](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-role.html).
|
||||
Run `acp` without arguments to clear the profile.
|
||||
|
||||
|
|
|
@ -45,6 +45,7 @@ function acp() {
|
|||
fi
|
||||
|
||||
local profile="$1"
|
||||
local mfa_token="$2"
|
||||
|
||||
# Get fallback credentials for if the aws command fails or no command is run
|
||||
local aws_access_key_id="$(aws configure get aws_access_key_id --profile $profile)"
|
||||
|
@ -58,9 +59,10 @@ function acp() {
|
|||
|
||||
if [[ -n "$mfa_serial" ]]; then
|
||||
local -a mfa_opt
|
||||
local mfa_token
|
||||
echo -n "Please enter your MFA token for $mfa_serial: "
|
||||
read -r mfa_token
|
||||
if [[ -z "$mfa_token" ]]; then
|
||||
echo -n "Please enter your MFA token for $mfa_serial: "
|
||||
read -r mfa_token
|
||||
fi
|
||||
if [[ -z "$sess_duration" ]]; then
|
||||
echo -n "Please enter the session duration in seconds (900-43200; default: 3600, which is the default maximum for a role): "
|
||||
read -r sess_duration
|
||||
|
|
Loading…
Reference in a new issue