Skip to content
GitLab
Menu
Projects
Groups
Snippets
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
adam.huang
Ohmyzsh
Commits
ce836647
Unverified
Commit
ce836647
authored
Nov 19, 2020
by
Roman Danyk
Committed by
GitHub
Nov 19, 2020
Browse files
feat(aws): respect optional parameters from the AWS CLI config file (#9453)
parent
9b119866
Changes
1
Hide whitespace changes
Inline
Side-by-side
plugins/aws/aws.plugin.zsh
View file @
ce836647
...
@@ -50,32 +50,39 @@ function acp() {
...
@@ -50,32 +50,39 @@ function acp() {
# First, if the profile has MFA configured, lets get the token and session duration
# First, if the profile has MFA configured, lets get the token and session duration
local
mfa_serial
=
"
$(
aws configure get mfa_serial
--profile
$profile
)
"
local
mfa_serial
=
"
$(
aws configure get mfa_serial
--profile
$profile
)
"
local
sess_duration
=
"
$(
aws configure get duration_seconds
--profile
$profile
)
"
if
[[
-n
"
$mfa_serial
"
]]
;
then
if
[[
-n
"
$mfa_serial
"
]]
;
then
local
-a
mfa_opt
local
-a
mfa_opt
local
mfa_token
sess_duration
local
mfa_token
echo
-n
"Please enter your MFA token for
$mfa_serial
: "
echo
-n
"Please enter your MFA token for
$mfa_serial
: "
read
-r
mfa_token
read
-r
mfa_token
echo
-n
"Please enter the session duration in seconds (900-43200; default: 3600, which is the default maximum for a role): "
if
[[
-z
"
$sess_duration
"
]]
;
then
read
-r
sess_duration
echo
-n
"Please enter the session duration in seconds (900-43200; default: 3600, which is the default maximum for a role): "
read
-r
sess_duration
fi
mfa_opt
=(
--serial-number
"
$mfa_serial
"
--token-code
"
$mfa_token
"
--duration-seconds
"
${
sess_duration
:-
3600
}
"
)
mfa_opt
=(
--serial-number
"
$mfa_serial
"
--token-code
"
$mfa_token
"
--duration-seconds
"
${
sess_duration
:-
3600
}
"
)
# Now see whether we need to just MFA for the current role, or assume a different one
# Now see whether we need to just MFA for the current role, or assume a different one
local
role_arn
=
"
$(
aws configure get role_arn
--profile
$profile
)
"
local
role_arn
=
"
$(
aws configure get role_arn
--profile
$profile
)
"
local
sess_name
=
"
$(
aws configure get role_session_name
--profile
$profile
)
"
if
[[
-n
"
$role_arn
"
]]
;
then
if
[[
-n
"
$role_arn
"
]]
;
then
# Means we need to assume a specified role
# Means we need to assume a specified role
aws_command
=(
aws sts assume-role
--role-arn
"
$role_arn
"
"
${
mfa_opt
[@]
}
"
)
aws_command
=(
aws sts assume-role
--role-arn
"
$role_arn
"
"
${
mfa_opt
[@]
}
"
)
# Check whether external_id is configured to use while assuming the role
# Check whether external_id is configured to use while assuming the role
local
external_id
=
"
$(
aws configure get external_id
--profile
"
$profile
"
)
"
local
external_id
=
"
$(
aws configure get external_id
--profile
$profile
)
"
if
[[
-n
"
$external_id
"
]]
;
then
if
[[
-n
"
$external_id
"
]]
;
then
aws_command+
=(
--external-id
"
$external_id
"
)
aws_command+
=(
--external-id
"
$external_id
"
)
fi
fi
# Get source profile to use to assume role
# Get source profile to use to assume role
local
source_profile
=
"
$(
aws configure get source_profile
--profile
"
$profile
"
)
"
local
source_profile
=
"
$(
aws configure get source_profile
--profile
$profile
)
"
aws_command+
=(
--profile
=
"
${
source_profile
:-
profile
}
"
--role-session-name
"
${
source_profile
:-
profile
}
"
)
if
[[
-z
"
$sess_name
"
]]
;
then
sess_name
=
"
${
source_profile
:-
profile
}
"
fi
aws_command+
=(
--profile
=
"
${
source_profile
:-
profile
}
"
--role-session-name
"
${
sess_name
}
"
)
echo
"Assuming role
$role_arn
using profile
${
source_profile
:-
profile
}
"
echo
"Assuming role
$role_arn
using profile
${
source_profile
:-
profile
}
"
else
else
...
@@ -122,13 +129,13 @@ function aws_change_access_key() {
...
@@ -122,13 +129,13 @@ function aws_change_access_key() {
return
1
return
1
fi
fi
echo
Insert the credentials when asked.
echo
"
Insert the credentials when asked.
"
asp
"
$1
"
||
return
1
asp
"
$1
"
||
return
1
AWS_PAGER
=
""
aws iam create-access-key
AWS_PAGER
=
""
aws iam create-access-key
AWS_PAGER
=
""
aws configure
--profile
"
$1
"
AWS_PAGER
=
""
aws configure
--profile
"
$1
"
echo
You can now safely delete the old access key running
\`
aws iam delete-access-key
--access-key-id
ID
\`
echo
"
You can now safely delete the old access key running
\`
aws iam delete-access-key --access-key-id ID
\`
"
echo
Your current keys are:
echo
"
Your current keys are:
"
AWS_PAGER
=
""
aws iam list-access-keys
AWS_PAGER
=
""
aws iam list-access-keys
}
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment