Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
adam.huang
Oh My Zsh
Commits
ce836647
Unverified
Commit
ce836647
authored
Nov 19, 2020
by
Roman Danyk
Committed by
GitHub
Nov 19, 2020
Browse files
feat(aws): respect optional parameters from the AWS CLI config file (#9453)
parent
9b119866
Changes
1
Hide whitespace changes
Inline
Side-by-side
plugins/aws/aws.plugin.zsh
View file @
ce836647
...
@@ -50,32 +50,39 @@ function acp() {
...
@@ -50,32 +50,39 @@ function acp() {
# First, if the profile has MFA configured, lets get the token and session duration
# First, if the profile has MFA configured, lets get the token and session duration
local
mfa_serial
=
"
$(
aws configure get mfa_serial
--profile
$profile
)
"
local
mfa_serial
=
"
$(
aws configure get mfa_serial
--profile
$profile
)
"
local
sess_duration
=
"
$(
aws configure get duration_seconds
--profile
$profile
)
"
if
[[
-n
"
$mfa_serial
"
]]
;
then
if
[[
-n
"
$mfa_serial
"
]]
;
then
local
-a
mfa_opt
local
-a
mfa_opt
local
mfa_token
sess_duration
local
mfa_token
echo
-n
"Please enter your MFA token for
$mfa_serial
: "
echo
-n
"Please enter your MFA token for
$mfa_serial
: "
read
-r
mfa_token
read
-r
mfa_token
echo
-n
"Please enter the session duration in seconds (900-43200; default: 3600, which is the default maximum for a role): "
if
[[
-z
"
$sess_duration
"
]]
;
then
read
-r
sess_duration
echo
-n
"Please enter the session duration in seconds (900-43200; default: 3600, which is the default maximum for a role): "
read
-r
sess_duration
fi
mfa_opt
=(
--serial-number
"
$mfa_serial
"
--token-code
"
$mfa_token
"
--duration-seconds
"
${
sess_duration
:-
3600
}
"
)
mfa_opt
=(
--serial-number
"
$mfa_serial
"
--token-code
"
$mfa_token
"
--duration-seconds
"
${
sess_duration
:-
3600
}
"
)
# Now see whether we need to just MFA for the current role, or assume a different one
# Now see whether we need to just MFA for the current role, or assume a different one
local
role_arn
=
"
$(
aws configure get role_arn
--profile
$profile
)
"
local
role_arn
=
"
$(
aws configure get role_arn
--profile
$profile
)
"
local
sess_name
=
"
$(
aws configure get role_session_name
--profile
$profile
)
"
if
[[
-n
"
$role_arn
"
]]
;
then
if
[[
-n
"
$role_arn
"
]]
;
then
# Means we need to assume a specified role
# Means we need to assume a specified role
aws_command
=(
aws sts assume-role
--role-arn
"
$role_arn
"
"
${
mfa_opt
[@]
}
"
)
aws_command
=(
aws sts assume-role
--role-arn
"
$role_arn
"
"
${
mfa_opt
[@]
}
"
)
# Check whether external_id is configured to use while assuming the role
# Check whether external_id is configured to use while assuming the role
local
external_id
=
"
$(
aws configure get external_id
--profile
"
$profile
"
)
"
local
external_id
=
"
$(
aws configure get external_id
--profile
$profile
)
"
if
[[
-n
"
$external_id
"
]]
;
then
if
[[
-n
"
$external_id
"
]]
;
then
aws_command+
=(
--external-id
"
$external_id
"
)
aws_command+
=(
--external-id
"
$external_id
"
)
fi
fi
# Get source profile to use to assume role
# Get source profile to use to assume role
local
source_profile
=
"
$(
aws configure get source_profile
--profile
"
$profile
"
)
"
local
source_profile
=
"
$(
aws configure get source_profile
--profile
$profile
)
"
aws_command+
=(
--profile
=
"
${
source_profile
:-
profile
}
"
--role-session-name
"
${
source_profile
:-
profile
}
"
)
if
[[
-z
"
$sess_name
"
]]
;
then
sess_name
=
"
${
source_profile
:-
profile
}
"
fi
aws_command+
=(
--profile
=
"
${
source_profile
:-
profile
}
"
--role-session-name
"
${
sess_name
}
"
)
echo
"Assuming role
$role_arn
using profile
${
source_profile
:-
profile
}
"
echo
"Assuming role
$role_arn
using profile
${
source_profile
:-
profile
}
"
else
else
...
@@ -122,13 +129,13 @@ function aws_change_access_key() {
...
@@ -122,13 +129,13 @@ function aws_change_access_key() {
return
1
return
1
fi
fi
echo
Insert the credentials when asked.
echo
"
Insert the credentials when asked.
"
asp
"
$1
"
||
return
1
asp
"
$1
"
||
return
1
AWS_PAGER
=
""
aws iam create-access-key
AWS_PAGER
=
""
aws iam create-access-key
AWS_PAGER
=
""
aws configure
--profile
"
$1
"
AWS_PAGER
=
""
aws configure
--profile
"
$1
"
echo
You can now safely delete the old access key running
\`
aws iam delete-access-key
--access-key-id
ID
\`
echo
"
You can now safely delete the old access key running
\`
aws iam delete-access-key --access-key-id ID
\`
"
echo
Your current keys are:
echo
"
Your current keys are:
"
AWS_PAGER
=
""
aws iam list-access-keys
AWS_PAGER
=
""
aws iam list-access-keys
}
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment