T31M/ubuntu-fish-dotfiles
0
1
Fork 0
Code Pull Requests Releases Activity
Files
2ed69bc664912602faa705b9fe36cc22aa98221f
ubuntu-fish-dotfiles/fish/theme-t31m/functions/envAWS.fish
T31M 36ec3bb485 (bugfix) make compatible with fish version >=3.3 
- cleanup
- minor comments and fixes
2022-04-30 11:31:57 +02:00

70 lines
2.0 KiB
Fish
Raw Blame History

# AWS Credential Management for FiSH
# TODO change your user
set AWS_IAM_USER ""
# TODO setup your aws-mfa credential keys in the credentials file
# TODO replace "Administrator" Role with the actual role you want to assume.
# AWS Account details
set DEV_ACCOUNT_ID ""
set STG_ACCOUNT_ID ""
set PROD_ACCOUNT_ID ""
set OPS_ACCOUNT_ID ""
# Update if different regions are used in your setup
export AWS_REGION=eu-west-1
export AWS_DEFAULT_REGION=eu-west-1
function envAWS --description 'switch to different aws account environments (-) with MFA'
if test (count $argv) -lt 1
echo "Provide an AWS Environment: dev, staging, prod, ops"
return
end
switch $argv[1]
case dev
echo "switching to /refreshing dev"
aws-mfa --assume-role arn:aws:iam::$DEV_ACCOUNT_ID:role/Administrator --duration 43200 --role-session-name $AWS_IAM_USER
getAWSenv
case stg
echo "switching to /refreshing staging"
aws-mfa --assume-role arn:aws:iam::$STG_ACCOUNT_ID:role/Administrator --duration 43200 --role-session-name $AWS_IAM_USER
getAWSenv
case prod
echo "switching to /refreshing prod"
aws-mfa --assume-role arn:aws:iam::$PROD_ACCOUNT_ID:role/Administrator --duration 3600 --role-session-name $AWS_IAM_USER
getAWSenv
case ops
echo "switching to /refreshing ops"
aws-mfa --assume-role arn:aws:iam::$OPS_ACCOUNT_ID:role/Administrator --duration 3600 --role-session-name $AWS_IAM_USER
getAWSenv
case '*'
echo "Wrong / Invalid Environment provided"
return 1
end
end
function getAWSenv --description 'verify and set environment'
set aws_account_id (aws sts get-caller-identity | jq -r '.Account')
if not test -n "$aws_account_id"
echo "aws sts could not get identify. Are you logged in ?"
set -ge env # clear env
return 1
end
if [ $aws_account_id = $DEV_ACCOUNT_ID ]
set -g env dev
else if [ $aws_account_id = $STG_ACCOUNT_ID ]
set -g env stg
else if [ $aws_account_id = $PROD_ACCOUNT_ID ]
set -g env prod
else if [ $aws_account_id = $OPS_ACCOUNT_ID ]
set -g env ops
else
set -ge env
return 1
end
end
View Git Blame Copy Permalink