Skip to content

Instantly share code, notes, and snippets.

@davewongillies

davewongillies/aws_config.fish

Forked from mbainter/aws_config.fish
Last active July 22, 2021 11:30
Show Gist options
  • Save davewongillies/5f3ec1a271b7fd5b0e1fb24eb761c0ba to your computer and use it in GitHub Desktop.
Save davewongillies/5f3ec1a271b7fd5b0e1fb24eb761c0ba to your computer and use it in GitHub Desktop.
Download ZIP

Revisions

  1. davewongillies revised this gist Aug 31, 2017. 1 changed file with 1 addition and 0 deletions.
    1 change: 1 addition & 0 deletions aws_config.fish
    View file
    Original file line number Diff line number Diff line change
    @@ -7,6 +7,7 @@ function aws_config

    if test $AWS_SESSION_EXPIRY
    set now (date +%s)
    # WARNING: this date command only works with GNU date
    set expiry (date -d $AWS_SESSION_EXPIRY +%s)

    if [ $now -gt $expiry ]
  2. davewongillies revised this gist Aug 31, 2017. 1 changed file with 3 additions and 5 deletions.
    8 changes: 3 additions & 5 deletions aws_config.fish
    View file
    Original file line number Diff line number Diff line change
    @@ -3,17 +3,15 @@ function aws_config
    echo "Please specify a valid profile."
    else

    set token_expired true
    set token_expired false

    if test $AWS_SESSION_EXPIRY
    set now (date +%s)
    set expiry (date -d $AWS_SESSION_EXPIRY +%s)

    if [ $now -lt $expiry ]
    echo "Token is still valid"
    set token_expired false
    else
    if [ $now -gt $expiry ]
    set -e AWS_SESSION_EXPIRY
    set token_expired true
    end
    end

  3. davewongillies revised this gist Aug 31, 2017. 1 changed file with 1 addition and 2 deletions.
    3 changes: 1 addition & 2 deletions aws_config.fish
    View file
    Original file line number Diff line number Diff line change
    @@ -33,8 +33,7 @@ function aws_config
    --token-code=$mfa_token \
    --duration-seconds $duration \
    --output text \
    --query 'Credentials | join (`;`,values({ \
    AccessKeyId: join(``, [`set -Ux AWS_ACCESS_KEY_ID `,AccessKeyId]), SecretAccessKey:join(``, [`set -Ux AWS_SECRET_ACCESS_KEY `,SecretAccessKey]), SessionToken:join(``, [`set -Ux AWS_SESSION_TOKEN `,SessionToken]), Expiration:join(``, [`set -Ux AWS_SESSION_EXPIRY `,Expiration]) }))' )
    --query 'Credentials | join (`;`,values({ AccessKeyId: join(``, [`set -Ux AWS_ACCESS_KEY_ID `,AccessKeyId]), SecretAccessKey:join(``, [`set -Ux AWS_SECRET_ACCESS_KEY `,SecretAccessKey]), SessionToken:join(``, [`set -Ux AWS_SESSION_TOKEN `,SessionToken]), Expiration:join(``, [`set -Ux AWS_SESSION_EXPIRY `,Expiration]) }))' )

    fish -c $aws_cli
    end
  4. davewongillies revised this gist Aug 31, 2017. 1 changed file with 1 addition and 4 deletions.
    5 changes: 1 addition & 4 deletions aws_config.fish
    View file
    Original file line number Diff line number Diff line change
    @@ -34,10 +34,7 @@ function aws_config
    --duration-seconds $duration \
    --output text \
    --query 'Credentials | join (`;`,values({ \
    AccessKeyId: join(``, [`set -Ux AWS_ACCESS_KEY_ID `,AccessKeyId]), \
    SecretAccessKey:join(``, [`set -Ux AWS_SECRET_ACCESS_KEY `,SecretAccessKey]), \
    SessionToken:join(``, [`set -Ux AWS_SESSION_TOKEN `,SessionToken]), \
    Expiration:join(``, [`set -Ux AWS_SESSION_EXPIRY `,Expiration]) }))' )
    AccessKeyId: join(``, [`set -Ux AWS_ACCESS_KEY_ID `,AccessKeyId]), SecretAccessKey:join(``, [`set -Ux AWS_SECRET_ACCESS_KEY `,SecretAccessKey]), SessionToken:join(``, [`set -Ux AWS_SESSION_TOKEN `,SessionToken]), Expiration:join(``, [`set -Ux AWS_SESSION_EXPIRY `,Expiration]) }))' )

    fish -c $aws_cli
    end
  5. davewongillies revised this gist Aug 31, 2017. 1 changed file with 5 additions and 2 deletions.
    7 changes: 5 additions & 2 deletions aws_config.fish
    View file
    Original file line number Diff line number Diff line change
    @@ -33,8 +33,11 @@ function aws_config
    --token-code=$mfa_token \
    --duration-seconds $duration \
    --output text \
    --query \
    'Credentials | join (`;`,values({ AccessKeyId: join(``, [`set -Ux AWS_ACCESS_KEY_ID `,AccessKeyId]), SecretAccessKey:join(``, [`set -Ux AWS_SECRET_ACCESS_KEY `,SecretAccessKey]), SessionToken:join(``, [`set -Ux AWS_SESSION_TOKEN `,SessionToken]), Expiration:join(``, [`set -Ux AWS_SESSION_EXPIRY `,Expiration]) }))' )
    --query 'Credentials | join (`;`,values({ \
    AccessKeyId: join(``, [`set -Ux AWS_ACCESS_KEY_ID `,AccessKeyId]), \
    SecretAccessKey:join(``, [`set -Ux AWS_SECRET_ACCESS_KEY `,SecretAccessKey]), \
    SessionToken:join(``, [`set -Ux AWS_SESSION_TOKEN `,SessionToken]), \
    Expiration:join(``, [`set -Ux AWS_SESSION_EXPIRY `,Expiration]) }))' )

    fish -c $aws_cli
    end
  6. davewongillies revised this gist Aug 31, 2017. 1 changed file with 0 additions and 1 deletion.
    1 change: 0 additions & 1 deletion aws_config.fish
    View file
    Original file line number Diff line number Diff line change
    @@ -22,7 +22,6 @@ function aws_config
    set -e AWS_SECRET_ACCESS_KEY
    set -e AWS_SESSION_TOKEN

    # set -g -x ATLAS_TOKEN (awk "/\[$argv\]/,/^\$/ { if (\$1 == \"atlas_token\") { print \$3 }}" ~/.aws/credentials)
    set account (awk "/\[$argv\]/,/^\$/ { if (\$1 == \"account_id\") { print \$3 }}" ~/.aws/credentials)
    set username (awk "/\[$argv\]/,/^\$/ { if (\$1 == \"username\") { print \$3 }}" ~/.aws/credentials)
    set mfarn "arn:aws:iam::$account:mfa/$username"
  7. davewongillies revised this gist Aug 30, 2017. 1 changed file with 37 additions and 15 deletions.
    52 changes: 37 additions & 15 deletions aws_config.fish
    View file
    Original file line number Diff line number Diff line change
    @@ -2,20 +2,42 @@ function aws_config
    if not fgrep -q "[$argv]" ~/.aws/credentials
    echo "Please specify a valid profile."
    else
    set -e AWS_ACCESS_KEY_ID
    set -e AWS_SECRET_ACCESS_KEY
    set -e AWS_SESSION_TOKEN

    set -g -x ATLAS_TOKEN (awk "/\[$argv\]/,/^\$/ { if (\$1 == \"atlas_token\") { print \$3 }}" ~/.aws/credentials)
    set account (awk "/\[$argv\]/,/^\$/ { if (\$1 == \"account_id\") { print \$3 }}" ~/.aws/credentials)
    set username (awk "/\[$argv\]/,/^\$/ { if (\$1 == \"username\") { print \$3 }}" ~/.aws/credentials)
    set mfarn "arn:aws:iam::$account:mfa/$username"
    echo "Please enter your MFA token:"
    read -l mfa_token
    set json (aws --profile=$argv sts get-session-token --serial-number="$mfarn" --token-code=$mfa_token)
    set -U -x AWS_ACCESS_KEY_ID (echo $json | jq -r '.Credentials.AccessKeyId')
    set -U -x AWS_SECRET_ACCESS_KEY (echo $json | jq -r '.Credentials.SecretAccessKey')
    set -U -x AWS_SESSION_TOKEN (echo $json | jq -r '.Credentials.SessionToken')
    set -U -x AWS_SESSION_EXPIRY (echo $json | jq -r '.Credentials.Expiration')

    set token_expired true

    if test $AWS_SESSION_EXPIRY
    set now (date +%s)
    set expiry (date -d $AWS_SESSION_EXPIRY +%s)

    if [ $now -lt $expiry ]
    echo "Token is still valid"
    set token_expired false
    else
    set -e AWS_SESSION_EXPIRY
    end
    end

    if [ $token_expired = true ]
    set -e AWS_ACCESS_KEY_ID
    set -e AWS_SECRET_ACCESS_KEY
    set -e AWS_SESSION_TOKEN

    # set -g -x ATLAS_TOKEN (awk "/\[$argv\]/,/^\$/ { if (\$1 == \"atlas_token\") { print \$3 }}" ~/.aws/credentials)
    set account (awk "/\[$argv\]/,/^\$/ { if (\$1 == \"account_id\") { print \$3 }}" ~/.aws/credentials)
    set username (awk "/\[$argv\]/,/^\$/ { if (\$1 == \"username\") { print \$3 }}" ~/.aws/credentials)
    set mfarn "arn:aws:iam::$account:mfa/$username"
    set duration "43200"
    echo "Please enter your MFA token for $mfarn:"
    read -l mfa_token
    set aws_cli (aws --profile=$argv sts get-session-token \
    --serial-number="$mfarn" \
    --token-code=$mfa_token \
    --duration-seconds $duration \
    --output text \
    --query \
    'Credentials | join (`;`,values({ AccessKeyId: join(``, [`set -Ux AWS_ACCESS_KEY_ID `,AccessKeyId]), SecretAccessKey:join(``, [`set -Ux AWS_SECRET_ACCESS_KEY `,SecretAccessKey]), SessionToken:join(``, [`set -Ux AWS_SESSION_TOKEN `,SessionToken]), Expiration:join(``, [`set -Ux AWS_SESSION_EXPIRY `,Expiration]) }))' )

    fish -c $aws_cli
    end
    end
    end
  8. davewongillies revised this gist Aug 30, 2017. 1 changed file with 8 additions and 5 deletions.
    13 changes: 8 additions & 5 deletions aws_config.fish
    View file
    Original file line number Diff line number Diff line change
    @@ -2,17 +2,20 @@ function aws_config
    if not fgrep -q "[$argv]" ~/.aws/credentials
    echo "Please specify a valid profile."
    else
    set -e AWS_ACCESS_KEY
    set -e AWS_SECRET_KEY
    set -e AWS_ACCESS_KEY_ID
    set -e AWS_SECRET_ACCESS_KEY
    set -e AWS_SESSION_TOKEN

    set -g -x ATLAS_TOKEN (awk "/\[$argv\]/,/^\$/ { if (\$1 == \"atlas_token\") { print \$3 }}" ~/.aws/credentials)
    set account (awk "/\[$argv\]/,/^\$/ { if (\$1 == \"account_id\") { print \$3 }}" ~/.aws/credentials)
    set username (awk "/\[$argv\]/,/^\$/ { if (\$1 == \"username\") { print \$3 }}" ~/.aws/credentials)
    set mfarn "arn:aws:iam::$account:mfa/$username"
    echo "Please enter your MFA token:"
    read -l mfa_token
    set json (aws --profile=$argv sts get-session-token --serial-number="$mfarn" --token-code=$mfa_token)
    set -g -x AWS_ACCESS_KEY_ID (echo $json | jq -r '.Credentials.AccessKeyId')
    set -g -x AWS_SECRET_ACCESS_KEY (echo $json | jq -r '.Credentials.SecretAccessKey')
    set -g -x AWS_SESSION_TOKEN (echo $json | jq -r '.Credentials.SessionToken')
    set -U -x AWS_ACCESS_KEY_ID (echo $json | jq -r '.Credentials.AccessKeyId')
    set -U -x AWS_SECRET_ACCESS_KEY (echo $json | jq -r '.Credentials.SecretAccessKey')
    set -U -x AWS_SESSION_TOKEN (echo $json | jq -r '.Credentials.SessionToken')
    set -U -x AWS_SESSION_EXPIRY (echo $json | jq -r '.Credentials.Expiration')
    end
    end
  9. @mbainter mbainter revised this gist Jun 9, 2015. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion aws_config.fish
    View file
    Original file line number Diff line number Diff line change
    @@ -13,6 +13,6 @@ function aws_config
    set json (aws --profile=$argv sts get-session-token --serial-number="$mfarn" --token-code=$mfa_token)
    set -g -x AWS_ACCESS_KEY_ID (echo $json | jq -r '.Credentials.AccessKeyId')
    set -g -x AWS_SECRET_ACCESS_KEY (echo $json | jq -r '.Credentials.SecretAccessKey')
    set -g -x AWS_SECURITY_TOKEN (echo $json | jq -r '.Credentials.SessionToken')
    set -g -x AWS_SESSION_TOKEN (echo $json | jq -r '.Credentials.SessionToken')
    end
    end
  10. @mbainter mbainter created this gist Jun 5, 2015.
    18 changes: 18 additions & 0 deletions aws_config.fish
    View file
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,18 @@
    function aws_config
    if not fgrep -q "[$argv]" ~/.aws/credentials
    echo "Please specify a valid profile."
    else
    set -e AWS_ACCESS_KEY
    set -e AWS_SECRET_KEY
    set -g -x ATLAS_TOKEN (awk "/\[$argv\]/,/^\$/ { if (\$1 == \"atlas_token\") { print \$3 }}" ~/.aws/credentials)
    set account (awk "/\[$argv\]/,/^\$/ { if (\$1 == \"account_id\") { print \$3 }}" ~/.aws/credentials)
    set username (awk "/\[$argv\]/,/^\$/ { if (\$1 == \"username\") { print \$3 }}" ~/.aws/credentials)
    set mfarn "arn:aws:iam::$account:mfa/$username"
    echo "Please enter your MFA token:"
    read -l mfa_token
    set json (aws --profile=$argv sts get-session-token --serial-number="$mfarn" --token-code=$mfa_token)
    set -g -x AWS_ACCESS_KEY_ID (echo $json | jq -r '.Credentials.AccessKeyId')
    set -g -x AWS_SECRET_ACCESS_KEY (echo $json | jq -r '.Credentials.SecretAccessKey')
    set -g -x AWS_SECURITY_TOKEN (echo $json | jq -r '.Credentials.SessionToken')
    end
    end