feat: update ssm tunneling script

2022-06-05 10:26:10 +02:00
parent 36ec3bb485
commit a1186a2c1c
3 changed files with 57 additions and 9 deletions


@ -4,7 +4,7 @@
set AWS_IAM_USER ""
# TODO setup your aws-mfa credential keys in the credentials file
# TODO replace "Administrator" Role with the actual role you want to assume.
# TODO replace "PLACE_YOUR_ROLE_HERE" with the actual role you want to assume.
# AWS Account details
set DEV_ACCOUNT_ID ""
@ -26,19 +26,19 @@ function envAWS --description 'switch to different aws account environments (-)
switch $argv[1]
case dev
echo "switching to /refreshing dev"
aws-mfa --assume-role arn:aws:iam::$DEV_ACCOUNT_ID:role/Administrator --duration 43200 --role-session-name $AWS_IAM_USER
aws-mfa --assume-role arn:aws:iam::$DEV_ACCOUNT_ID:role/PLACE_YOUR_ROLE_HERE --duration 43200 --role-session-name "$AWS_IAM_USER"
getAWSenv
case stg
echo "switching to /refreshing staging"
aws-mfa --assume-role arn:aws:iam::$STG_ACCOUNT_ID:role/Administrator --duration 43200 --role-session-name $AWS_IAM_USER
aws-mfa --assume-role arn:aws:iam::$STG_ACCOUNT_ID:role/PLACE_YOUR_ROLE_HERE --duration 43200 --role-session-name "$AWS_IAM_USER"
getAWSenv
case prod
echo "switching to /refreshing prod"
aws-mfa --assume-role arn:aws:iam::$PROD_ACCOUNT_ID:role/Administrator --duration 3600 --role-session-name $AWS_IAM_USER
aws-mfa --assume-role arn:aws:iam::$PROD_ACCOUNT_ID:role/PLACE_YOUR_ROLE_HERE --duration 3600 --role-session-name "$AWS_IAM_USER"
getAWSenv
case ops
echo "switching to /refreshing ops"
aws-mfa --assume-role arn:aws:iam::$OPS_ACCOUNT_ID:role/Administrator --duration 3600 --role-session-name $AWS_IAM_USER
aws-mfa --assume-role arn:aws:iam::$OPS_ACCOUNT_ID:role/PLACE_YOUR_ROLE_HERE --duration 3600 --role-session-name "$AWS_IAM_USER"
getAWSenv
case '*'
echo "Wrong / Invalid Environment provided"
@ -67,3 +67,12 @@ function getAWSenv --description 'verify and set environment'
return 1
end
end
function getSecretAWS --description 'get & decrypt secrets from ssm parameter store via cli command if permissions are granted'
if test (count $argv) -lt 1
echo "Provide a Path to the Secret"
return
end
aws ssm get-parameter --name "$argv[1]" --with-decryption | jq .Parameter.Value -r
end
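Review bot: In `getSecretAWS`, the missing-argument branch prints its message to stdout and uses a bare `return`, which in fish carries the status of the preceding `echo` (0), so a caller using command substitution would capture the usage text as if it were the secret and see success. I would send the message to stderr and fail explicitly: `echo "Provide a Path to the Secret" >&2` followed by `return 1`. The pipeline also reports only `jq`'s status, so a denied or failed `aws ssm get-parameter` call can look like success with empty output; dropping jq in favour of `aws ssm get-parameter --name "$argv[1]" --with-decryption --query Parameter.Value --output text` keeps the CLI's own exit status. Since the value is written decrypted to stdout, a short comment above the function noting that it will end up in terminal scrollback or any redirect target would help people who use it.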