Skip to content

AWS Assume Role script improvements #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

AWS Assume Role script improvements #1

wants to merge 1 commit into from

Conversation

@letic
Copy link

@letic letic commented Jan 2, 2019

  • Make the script more modular no need to hardcode value anymore
  • Get the user's AWS CLI credentials
  • Ability to choose from different AWS profile (could be easily added as a parameter with getopts but didn't wanted to spend too much time on this)

@letic
- Make the script more modular no need to hardcode value anymore
5bd4831 
- Get the user's AWS CLI credentials
- Ability to choose from different AWS profile (could be easily added as a parameter with getopts but didn't wanted to spend too much time on this)
Integralist
Integralist reviewed Jan 5, 2019
View reviewed changes
aws-cli-assumerole.sh
unset AWS_SESSION_TOKEN
export AWS_ACCESS_KEY_ID=$(grep -A2 "\[$AWS_PROFILE\]" ~/.aws/credentials | awk -F"= " '/aws_access_key_id/ {print $2}')
export AWS_SECRET_ACCESS_KEY=$(grep -A2 "\[$AWS_PROFILE\]" ~/.aws/credentials | awk -F"= " '/aws_secret_access_key/ {print $2}')
export AWS_REGION=$(grep -A2 "\[$AWS_PROFILE\]" ~/.aws/config | awk -F"= " '/region/ {print $2}')
Copy link
Owner

@Integralist Integralist Jan 5, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the grep/awk flows are effectively the same, would it make sense to move the logic to a function and just pass in aws_access_key_id, aws_secret_access_key, region as the differentiator?

Copy link
Author

@letic letic Jan 5, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Of course that would be cleaner.

aws-cli-assumerole.sh
if [ ! -z "$3" ]; then
AWS_SESSION_NAME=$3
else
AWS_SESSION_NAME="Assume-$1"
Copy link
Owner

@Integralist Integralist Jan 5, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd like to assign $1 to a variable (e.g. AWS_ID) just for clarity, especially later where you reference $1 as part of the assume role line (it makes that line just a little bit clearer).

Copy link
Author

@letic letic Jan 5, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sure good idea 👍

I also thought that we should add a parameter to revert the credentials to the default AWS profile.

Looking forward to your improvements.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Integralist Integralist Integralist left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@letic @Integralist