forked from remind101/assume-role
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathprint-credentials.go
133 lines (119 loc) · 4.11 KB
/
print-credentials.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
package main
import (
"flag"
"fmt"
"os"
"runtime"
"strings"
"github.com/aws/aws-sdk-go/aws/credentials"
log "github.com/sirupsen/logrus"
)
var format *string
func init() {
format = flag.String("format", defaultFormat(), "Format can be 'bash' or 'powershell'.")
}
func defaultFormat() string {
var shell = os.Getenv("SHELL")
switch runtime.GOOS {
case "windows":
if os.Getenv("SHELL") == "" {
return "powershell"
}
fallthrough
default:
if strings.HasSuffix(shell, "fish") {
return "fish"
}
return "bash"
}
}
func printCredentials(role string, creds *credentials.Value) {
switch *format {
case "powershell":
printPowerShellCredentials(role, creds)
case "bash":
printBashCredentials(role, creds)
case "fish":
printFishCredentials(role, creds)
default:
flag.Usage()
os.Exit(1)
}
}
// printCredentials prints the credentials in a way that can easily be sourced
// with bash.
func printBashCredentials(role string, creds *credentials.Value) {
log.Debug("Bash credentials...")
fmt.Printf("export AWS_ACCESS_KEY_ID=\"%s\"\n", creds.AccessKeyID)
fmt.Printf("export AWS_SECRET_ACCESS_KEY=\"%s\"\n", creds.SecretAccessKey)
fmt.Printf("export AWS_SESSION_TOKEN=\"%s\"\n", creds.SessionToken)
fmt.Printf("export AWS_SECURITY_TOKEN=\"%s\"\n", creds.SessionToken)
fmt.Printf("export ASSUMED_ROLE=\"%s\"\n", role)
fmt.Printf("# Run this to configure your shell:\n")
fmt.Printf("# eval $(%s)\n", strings.Join(os.Args, " "))
}
// printFishCredentials prints the credentials in a way that can easily be sourced
// with fish.
func printFishCredentials(role string, creds *credentials.Value) {
log.Debug("Fish credentials...")
fmt.Printf("set -gx AWS_ACCESS_KEY_ID \"%s\";\n", creds.AccessKeyID)
fmt.Printf("set -gx AWS_SECRET_ACCESS_KEY \"%s\";\n", creds.SecretAccessKey)
fmt.Printf("set -gx AWS_SESSION_TOKEN \"%s\";\n", creds.SessionToken)
fmt.Printf("set -gx AWS_SECURITY_TOKEN \"%s\";\n", creds.SessionToken)
fmt.Printf("set -gx ASSUMED_ROLE \"%s\";\n", role)
fmt.Printf("# Run this to configure your shell:\n")
fmt.Printf("# eval (%s)\n", strings.Join(os.Args, " "))
}
// printPowerShellCredentials prints the credentials in a way that can easily be sourced
// with Windows powershell using Invoke-Expression.
func printPowerShellCredentials(role string, creds *credentials.Value) {
log.Debug("Powershell credentials...")
fmt.Printf("$env:AWS_ACCESS_KEY_ID=\"%s\"\n", creds.AccessKeyID)
fmt.Printf("$env:AWS_SECRET_ACCESS_KEY=\"%s\"\n", creds.SecretAccessKey)
fmt.Printf("$env:AWS_SESSION_TOKEN=\"%s\"\n", creds.SessionToken)
fmt.Printf("$env:AWS_SECURITY_TOKEN=\"%s\"\n", creds.SessionToken)
fmt.Printf("$env:ASSUMED_ROLE=\"%s\"\n", role)
fmt.Printf("# Run this to configure your shell:\n")
fmt.Printf("# %s | Invoke-Expression \n", strings.Join(os.Args, " "))
}
func unsetCredentials() {
switch *format {
case "powershell":
unsetPowerShellCredentials()
case "bash":
unsetBashCredentials()
case "fish":
unsetFishCredentials()
default:
flag.Usage()
os.Exit(1)
}
}
// unsetCredentials prints the credentials in a way that can easily be sourced
// with bash.
func unsetBashCredentials() {
log.Debug("Bash credentials...")
fmt.Println("unset AWS_ACCESS_KEY_ID")
fmt.Println("unset AWS_SECRET_ACCESS_KEY")
fmt.Println("unset AWS_SESSION_TOKEN")
fmt.Println("unset AWS_SECURITY_TOKEN")
fmt.Println("unset ASSUMED_ROLE")
}
// printFishCredentials prints the credentials in a way that can easily be sourced
// with fish.
func unsetFishCredentials() {
log.Debug("Fish credentials...")
fmt.Println("set --erase AWS_ACCESS_KEY_ID;")
fmt.Println("set --erase AWS_SECRET_ACCESS_KEY;")
fmt.Println("set --erase AWS_SESSION_TOKEN;")
fmt.Println("set --erase AWS_SECURITY_TOKEN;")
}
// printPowerShellCredentials prints the credentials in a way that can easily be sourced
// with Windows powershell using Invoke-Expression.
func unsetPowerShellCredentials() {
log.Debug("Powershell credentials...")
fmt.Println("Remove-Variable -name AWS_ACCESS_KEY_ID")
fmt.Println("Remove-Variable -name AWS_SECRET_ACCESS_KEY")
fmt.Println("Remove-Variable -name AWS_SESSION_TOKEN")
fmt.Println("Remove-Variable -name AWS_SECURITY_TOKEN")
}