-
Notifications
You must be signed in to change notification settings - Fork 25
/
Copy pathget-aws-profile.sh
executable file
·151 lines (135 loc) · 4.07 KB
/
get-aws-profile.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
#!/bin/bash -f
#
# Fetch the AWS access key and/or secret for an AWS profile
# stored in the ~/.aws/credentials file ini format
#
# Aaron Roydhouse <aaron@roydhouse.com>, 2017
# https://github.com/whereisaaron/get-aws-profile-bash/
#
#
# cfg_parser - Parse and ini files into variables
# By Andres J. Diaz
# http://theoldschooldevops.com/2008/02/09/bash-ini-parser/
# Use pastebin link only and WordPress corrupts it
# http://pastebin.com/f61ef4979 (original)
# http://pastebin.com/m4fe6bdaf (supports spaces in values)
#
cfg_parser ()
{
IFS=$'\n' && ini=( $(<$1) ) # convert to line-array
ini=( ${ini[*]//;*/} ) # remove comments ;
ini=( ${ini[*]//\#*/} ) # remove comments #
ini=( ${ini[*]/\ =/=} ) # remove tabs before =
ini=( ${ini[*]/=\ /=} ) # remove tabs be =
ini=( ${ini[*]/\ *=\ /=} ) # remove anything with a space around =
ini=( ${ini[*]/#[/\}$'\n'cfg.section.} ) # set section prefix
ini=( ${ini[*]/%]/ \(} ) # convert text2function (1)
ini=( ${ini[*]/=/=\( } ) # convert item to array
ini=( ${ini[*]/%/ \)} ) # close array parenthesis
ini=( ${ini[*]/%\\ \)/ \\} ) # the multiline trick
ini=( ${ini[*]/%\( \)/\(\) \{} ) # convert text2function (2)
ini=( ${ini[*]/%\} \)/\}} ) # remove extra parenthesis
ini[0]="" # remove first element
ini[${#ini[*]} + 1]='}' # add the last brace
eval "$(echo "${ini[*]}")" # eval the result
}
# echo a message to standard error (used for messages not intended
# to be parsed by scripts, such as usage messages, warnings or errors)
echo_stderr() {
echo "$@" >&2
}
#
# Parse options
#
display_usage ()
{
echo_stderr "Usage: $0 [--credentials=<path>] [--profile=<name>] [--key|--secret|--session-token]"
echo_stderr " Default --credentials is '~/.aws/credentials'"
echo_stderr " Default --profile is 'default'"
echo_stderr " By default environment variables are generate, e.g."
echo_stderr " source \$($0 --profile=myprofile)"
echo_stderr " You can specify one of --key, --secret, -or --session-token to get just that value, with no line break,"
echo_stderr " FOO_KEY=\$($0 --profile=myprofile --key)"
echo_stderr " FOO_SECRET=\$($0 --profile=myprofile --secret)"
echo_stderr " FOO_SESSION_TOKEN=\$($0 --profile=myprofile --session-token)"
}
for i in "$@"
do
case $i in
--credentials=*)
CREDENTIALS="${i#*=}"
shift # past argument=value
;;
--profile=*)
PROFILE="${i#*=}"
shift # past argument=value
;;
--key)
SHOW_KEY=true
shift # past argument with no value
;;
--secret)
SHOW_SECRET=true
shift # past argument with no value
;;
--session-token)
SHOW_SESSION_TOKEN=true
shift # past argument with no value
;;
--help)
display_usage
exit 0
;;
*)
# unknown option
echo "Unknown option $1"
display_usage
exit 1
;;
esac
done
#
# Check options
#
CREDENTIALS=${CREDENTIALS:-~/.aws/credentials}
PROFILE=${PROFILE:-default}
SHOW_KEY=${SHOW_KEY:-false}
SHOW_SECRET=${SHOW_SECRET:-false}
SHOW_SESSION_TOKEN=${SHOW_SESSION_TOKEN:-false}
if [[ "${SHOW_KEY}" = true && "${SHOW_SECRET}" = true ]]; then
echo_stderr "Can only specify one of --key or --secret"
display_usage
exit 2
fi
#
# Parse and display
#
if [[ ! -r "${CREDENTIALS}" ]]; then
echo_stderr "File not found: '${CREDENTIALS}'"
exit 3
fi
cfg_parser "${CREDENTIALS}"
if [[ $? -ne 0 ]]; then
echo_stderr "Parsing credentials file '${CREDENTIALS}' failed"
exit 4
fi
cfg.section.${PROFILE}
if [[ $? -ne 0 ]]; then
echo_stderr "Profile '${PROFILE}' not found"
exit 5
fi
if [[ "${SHOW_KEY}" = false && "${SHOW_SECRET}" = false && "${SHOW_SESSION_TOKEN}" = false ]]; then
echo "export AWS_ACCESS_KEY_ID=${aws_access_key_id}"
echo "export AWS_SECRET_ACCESS_KEY=${aws_secret_access_key}"
echo "export AWS_SESSION_TOKEN=${aws_session_token}"
elif [[ "${SHOW_KEY}" = true ]]; then
echo -n "${aws_access_key_id}"
elif [[ "${SHOW_SECRET}" = true ]]; then
echo -n "${aws_secret_access_key}"
elif [[ "${SHOW_SESSION_TOKEN}" = true ]]; then
echo -n "${aws_session_token}"
else
echo_stderr "Unknown error"
exit 9
fi
exit 0