class Aws::Session::Credentials::Cli
Command line interface
Public Instance Methods
assume_role()
click to toggle source
# File lib/aws/session/credentials/cli.rb, line 104 def assume_role cli_opts = options.transform_keys { |key| key.sub(/-/, '_') } if cli_opts['role_alias'] cf = Config.new(path: cli_opts['config_file']) rl = cf.role(cli_opts['role_alias'].to_sym) cli_opts = rl.to_h.deep_stringify_keys.deep_merge(cli_opts) end cli_opts['role_arn'] ||= make_role_arn(cli_opts['role_account'], cli_opts['role_name']) SessionManager.new.assume_role(cli_opts.deep_symbolize_keys) end
configure()
click to toggle source
# File lib/aws/session/credentials/cli.rb, line 155 def configure cli_opts = options.transform_keys { |key| key.sub(/-/, '_') } cli_opts['source_profile'] ||= ask('Source profile (leave blank for "default"):') cli_opts['aws_access_key_id'] ||= ask('AWS Access Key ID:') cli_opts['aws_secret_access_key'] ||= ask('AWS Secret Access Key:', echo: false) puts '' # BUG: No LF printed when echo is set to false cli_opts['aws_region'] ||= ask('AWS region:') cli_opts['duration'] ||= ask('Session duration (in seconds):').to_i puts '' if yes?('Configure MFA (y/n)?') cli_opts['mfa_device'] ||= ask('MFA device ARN:') puts '' if yes?('Configure Yubikey (y/n)?') cli_opts['oath_credential'] ||= ask('OATH credential name:') end end cli_opts['source_profile'] = 'default' if cli_opts['source_profile'].empty? prof = Profile.new(cli_opts.except('config_file', 'source_profile')) cf = Config.new(path: cli_opts['config_file']) cf.set_profile(cli_opts[:source_profile], prof) end
configure_role()
click to toggle source
# File lib/aws/session/credentials/cli.rb, line 229 def configure_role cli_opts = options.transform_keys { |key| key.sub(/-/, '_') } cli_opts['role_alias'] ||= ask('Provide an alias for this role:') if cli_opts['role_account'] && cli_opts['role_name'] cli_opts['role_arn'] = make_role_arn(cli_opts['role_account'], cli_opts['role_name']) elsif !cli_opts['role_arn'] puts '' if yes?('Provide role account and name instead of role ARN (y/n)?') account = ask('Role account ID:') role_name = ask('Name of role:') cli_opts['role_arn'] = make_role_arn(account, role_name) else cli_opts['role_arn'] = ask('Role ARN:') end end unless cli_opts['role_session_name'] if yes?('Customise role session name (y/n)?') cli_opts['role_session_name'] = ask('Role session name:') else account, role_name = split_role_arn(cli_opts['role_arn']) cli_opts['role_session_name'] = "#{role_name}@#{account}" end end cli_opts['profile'] ||= ask('Profile to use when assuming role (leave blank to use "default"):') cli_opts['profile'] = 'default' if cli_opts['profile'].empty? cli_opts['duration'] ||= ask('Duration in seconds of assumed role:') rl = Role.new(cli_opts.except('config_file')) cf = Config.new(path: cli_opts['config_file']) cf.set_role(cli_opts[:role_alias], rl) end
list_profiles()
click to toggle source
# File lib/aws/session/credentials/cli.rb, line 266 def list_profiles store = CredentialFile.new puts "Profiles located in #{store.path}:" store.print_profiles(self) end
list_roles()
click to toggle source
# File lib/aws/session/credentials/cli.rb, line 278 def list_roles store = Config.new(path: options['config-file']) puts "Profiles located in #{store.path}:" store.print_roles(self) end
list_source_profiles()
click to toggle source
# File lib/aws/session/credentials/cli.rb, line 290 def list_source_profiles store = Config.new(path: options['config-file']) puts "Profiles located in #{store.path}:" store.print_profiles(self) end
make_role_arn(account, role_name)
click to toggle source
# File lib/aws/session/credentials/cli.rb, line 331 def make_role_arn(account, role_name) "arn:aws:iam::#{account}:role/#{role_name}" end
new()
click to toggle source
# File lib/aws/session/credentials/cli.rb, line 54 def new cli_opts = options.transform_keys { |key| key.sub(/-/, '_') } SessionManager.new.new_session(cli_opts.deep_symbolize_keys) end
shell_env(shell_name = '')
click to toggle source
# File lib/aws/session/credentials/cli.rb, line 303 def shell_env(shell_name = '') prof = CredentialFile.new.profile(options['profile']) case shell_name when 'bash' puts <<-EOF export AWS_ACCESS_KEY_ID="#{prof.aws_access_key_id}" export AWS_SECRET_ACCESS_KEY="#{prof.aws_secret_access_key}" export AWS_SESSION_TOKEN="#{prof.aws_session_token}" EOF when 'powershell' puts <<-EOF $Env:AWS_ACCESS_KEY_ID = "#{prof.aws_access_key_id}" $Env:AWS_SECRET_ACCESS_KEY = "#{prof.aws_secret_access_key}" $Env:AWS_SESSION_TOKEN = "#{prof.aws_session_token}" EOF when '' raise "Please specify a shell. Currently supported shells are: bash and powershell" else raise "Unsupported shell '#{shell_name}'" end end
split_role_arn(role_arn)
click to toggle source
# File lib/aws/session/credentials/cli.rb, line 335 def split_role_arn(role_arn) role_arn.scan(%r{arn:aws:iam::(.+):role/(.+)}).first end
version()
click to toggle source
# File lib/aws/session/credentials/cli.rb, line 326 def version puts "aws-session-credentials #{Aws::Session::Credentials::VERSION}" end