-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathaws-iam-bootstrap
executable file
·123 lines (111 loc) · 3.97 KB
/
aws-iam-bootstrap
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
#!/usr/bin/env bash
set -euo pipefail
YP_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/.." >/dev/null && pwd)"
source ${YP_DIR}/sh/common.inc.sh
#- aws-iam-bootstrap 1.0
## Usage: aws-iam-bootstrap [OPTION]
## Bootstrap an AWS user's Console (GUI) and, optionally, the CLI.
##
## --user User name as defined in AWS IAM
## --account Account name as defined in AWS
## Defaults to the constants file's DEV_AWS_ACCOUNT_NAME
## --const-file Optional. Path to the project's constants file
## Defaults to the git root's CONST.inc
##
## --access-key-id Optional. Access key ID as defined in AWS IAM
## Required to bootstrap the CLI
## --secet-access-key Optional. Secret access key as defined in AWS IAM
## Required to bootstrap the CLI
## --config-tpl-file Optional. Path to the project's AWS CLI config template
## Defaults to the git root's aws-cli.config.tpl
## --credentials-tpl-file Optional. Path to the project's AWS CLI credentials template
## Defaults to the git root's aws-cli.credentials.tpl
##
## -h, --help Display this help and exit
## -v, --version Output version information and exit
export AWS_USER=
export AWS_ACCOUNT_NAME=
export AWS_ACCESS_KEY_ID=
export AWS_SECRET_ACCESS_KEY=
CONST_FILE=${GIT_ROOT}/CONST.inc
CONFIG_TPL_FILE=${GIT_ROOT}/aws-cli.config.tpl
CREDENTIALS_TPL_FILE=${GIT_ROOT}/aws-cli.credentials.tpl
if { getopt --test >/dev/null 2>&1 && false; } || [[ "$?" = "4" ]] || false; then
ARGS=$(getopt -o hv -l help,version,user:,const-file:,access-key-id:,secret-access-key:,config-tpl-file:,credentials-tpl-file: -n $(basename ${BASH_SOURCE[0]}) -- "$@") || sh_script_usage # editorconfig-checker-disable-line
eval set -- "${ARGS}"
fi
while [[ $# -gt 0 ]]; do
case "$1" in
--user)
AWS_USER=$2
shift 2
;;
--const-file)
CONST_FILE=$2
shift 2
;;
--access-key-id)
AWS_ACCESS_KEY_ID=$2
shift 2
;;
--secret-access-key)
AWS_SECRET_ACCESS_KEY="$2"
shift 2
;;
--config-tpl-file)
CONFIG_TPL_FILE=$2
shift 2
;;
--credentials-tpl-file)
CREDENTIALS_TPL_FILE=$2
shift 2
;;
-h|--help)
sh_script_usage
;;
-v|--version)
sh_script_version
;;
--)
shift
break
;;
-*)
sh_script_usage
;;
*)
break
;;
esac
done
[[ $# -eq 0 ]] || sh_script_usage
[[ -n ${AWS_USER} ]] || {
echo_err "Pleaser provide a --user."
exit 1
}
echo_info "Sourcing ${CONST_FILE}."
set -a
source ${CONST_FILE}
set +a
AWS_ACCOUNT_NAME=${AWS_ACCOUNT_NAME:-${DEV_AWS_ACCOUNT_NAME}}
printf "\ec" # clear
${YP_DIR}/bin/aws-iam-console-switch-role > ${GIT_ROOT}/aws-iam-console-switch-role.md
cat ${GIT_ROOT}/aws-iam-console-switch-role.md
echo
echo "--------------------------------------------------------------------------------"
echo "Bookmark the links above for the roles that are relevant to your work."
echo "You can always find these in ${GIT_ROOT}/aws-iam-console-switch-role.md ."
read -r -p "Press ENTER to Continue."
[[ -n ${AWS_ACCESS_KEY_ID} && -n ${AWS_SECRET_ACCESS_KEY} ]] || exit 0
printf "\ec" # clear
cat ${CREDENTIALS_TPL_FILE} | envsubst
echo
echo "--------------------------------------------------------------------------------"
echo "Paste the above in your ${AWS_SHARED_CREDENTIALS_FILE:-~/.aws/credentials}."
read -r -p "Press ENTER to Continue."
printf "\ec" # clear
cat ${CONFIG_TPL_FILE} | envsubst
echo
echo "--------------------------------------------------------------------------------"
echo "Paste the above in your ~/.aws/config."
read -r -p "Press ENTER to Continue."