class Aws::Session::Credentials::Cli

Command line interface

Public Instance Methods

assume_role() click to toggle source
# File lib/aws/session/credentials/cli.rb, line 104
def assume_role
  cli_opts = options.transform_keys { |key| key.sub(/-/, '_') }

  if cli_opts['role_alias']
    cf = Config.new(path: cli_opts['config_file'])
    rl = cf.role(cli_opts['role_alias'].to_sym)
    cli_opts = rl.to_h.deep_stringify_keys.deep_merge(cli_opts)
  end

  cli_opts['role_arn'] ||= make_role_arn(cli_opts['role_account'], cli_opts['role_name'])

  SessionManager.new.assume_role(cli_opts.deep_symbolize_keys)
end
configure() click to toggle source
# File lib/aws/session/credentials/cli.rb, line 155
def configure
  cli_opts = options.transform_keys { |key| key.sub(/-/, '_') }
  cli_opts['source_profile'] ||= ask('Source profile (leave blank for "default"):')
  cli_opts['aws_access_key_id'] ||= ask('AWS Access Key ID:')
  cli_opts['aws_secret_access_key'] ||= ask('AWS Secret Access Key:', echo: false)
  puts '' # BUG: No LF printed when echo is set to false
  cli_opts['aws_region'] ||= ask('AWS region:')
  cli_opts['duration'] ||= ask('Session duration (in seconds):').to_i

  puts ''
  if yes?('Configure MFA (y/n)?')
    cli_opts['mfa_device'] ||= ask('MFA device ARN:')
    puts ''
    if yes?('Configure Yubikey (y/n)?')
      cli_opts['oath_credential'] ||= ask('OATH credential name:')
    end
  end

  cli_opts['source_profile'] = 'default' if cli_opts['source_profile'].empty?

  prof = Profile.new(cli_opts.except('config_file', 'source_profile'))
  cf = Config.new(path: cli_opts['config_file'])
  cf.set_profile(cli_opts[:source_profile], prof)
end
configure_role() click to toggle source
# File lib/aws/session/credentials/cli.rb, line 229
def configure_role
  cli_opts = options.transform_keys { |key| key.sub(/-/, '_') }
  cli_opts['role_alias'] ||= ask('Provide an alias for this role:')

  if cli_opts['role_account'] && cli_opts['role_name']
    cli_opts['role_arn'] = make_role_arn(cli_opts['role_account'], cli_opts['role_name'])
  elsif !cli_opts['role_arn']
    puts ''
    if yes?('Provide role account and name instead of role ARN (y/n)?')
      account = ask('Role account ID:')
      role_name = ask('Name of role:')
      cli_opts['role_arn'] = make_role_arn(account, role_name)
    else
      cli_opts['role_arn'] = ask('Role ARN:')
    end
  end

  unless cli_opts['role_session_name']
    if yes?('Customise role session name (y/n)?')
      cli_opts['role_session_name'] = ask('Role session name:')
    else
      account, role_name = split_role_arn(cli_opts['role_arn'])
      cli_opts['role_session_name'] = "#{role_name}@#{account}"
    end
  end

  cli_opts['profile'] ||= ask('Profile to use when assuming role (leave blank to use "default"):')
  cli_opts['profile'] = 'default' if cli_opts['profile'].empty?

  cli_opts['duration'] ||= ask('Duration in seconds of assumed role:')

  rl = Role.new(cli_opts.except('config_file'))
  cf = Config.new(path: cli_opts['config_file'])
  cf.set_role(cli_opts[:role_alias], rl)
end
list_profiles() click to toggle source
# File lib/aws/session/credentials/cli.rb, line 266
def list_profiles
  store = CredentialFile.new

  puts "Profiles located in #{store.path}:"
  store.print_profiles(self)
end
list_roles() click to toggle source
# File lib/aws/session/credentials/cli.rb, line 278
def list_roles
  store = Config.new(path: options['config-file'])

  puts "Profiles located in #{store.path}:"
  store.print_roles(self)
end
list_source_profiles() click to toggle source
# File lib/aws/session/credentials/cli.rb, line 290
def list_source_profiles
  store = Config.new(path: options['config-file'])

  puts "Profiles located in #{store.path}:"
  store.print_profiles(self)
end
make_role_arn(account, role_name) click to toggle source
# File lib/aws/session/credentials/cli.rb, line 331
def make_role_arn(account, role_name)
  "arn:aws:iam::#{account}:role/#{role_name}"
end
new() click to toggle source
# File lib/aws/session/credentials/cli.rb, line 54
def new
  cli_opts = options.transform_keys { |key| key.sub(/-/, '_') }
  SessionManager.new.new_session(cli_opts.deep_symbolize_keys)
end
shell_env(shell_name = '') click to toggle source
# File lib/aws/session/credentials/cli.rb, line 303
        def shell_env(shell_name = '')
          prof = CredentialFile.new.profile(options['profile'])
          case shell_name
          when 'bash'
            puts <<-EOF
export AWS_ACCESS_KEY_ID="#{prof.aws_access_key_id}"
export AWS_SECRET_ACCESS_KEY="#{prof.aws_secret_access_key}"
export AWS_SESSION_TOKEN="#{prof.aws_session_token}"
EOF
          when 'powershell'
            puts <<-EOF
$Env:AWS_ACCESS_KEY_ID = "#{prof.aws_access_key_id}"
$Env:AWS_SECRET_ACCESS_KEY = "#{prof.aws_secret_access_key}"
$Env:AWS_SESSION_TOKEN = "#{prof.aws_session_token}"
EOF
          when ''
            raise "Please specify a shell. Currently supported shells are: bash and powershell"
          else
            raise "Unsupported shell '#{shell_name}'"
          end
        end
split_role_arn(role_arn) click to toggle source
# File lib/aws/session/credentials/cli.rb, line 335
def split_role_arn(role_arn)
  role_arn.scan(%r{arn:aws:iam::(.+):role/(.+)}).first
end
version() click to toggle source
# File lib/aws/session/credentials/cli.rb, line 326
def version
  puts "aws-session-credentials #{Aws::Session::Credentials::VERSION}"
end