X-Git-Url: https://src.twobees.de/?a=blobdiff_plain;f=stow%2Foh-my-zsh%2F.oh-my-zsh%2Fplugins%2Faws%2Faws.plugin.zsh;fp=stow%2Foh-my-zsh%2F.oh-my-zsh%2Fplugins%2Faws%2Faws.plugin.zsh;h=0000000000000000000000000000000000000000;hb=1a8e170bbe5c6641a26ab1ce2e6ce6c5c1faa4cd;hp=2167f552cd4b5365e6d410f653fa08a793816a2e;hpb=475ba35502579302593f4735c853c49ef1845dcb;p=dotfiles.git diff --git a/stow/oh-my-zsh/.oh-my-zsh/plugins/aws/aws.plugin.zsh b/stow/oh-my-zsh/.oh-my-zsh/plugins/aws/aws.plugin.zsh deleted file mode 100644 index 2167f55..0000000 --- a/stow/oh-my-zsh/.oh-my-zsh/plugins/aws/aws.plugin.zsh +++ /dev/null @@ -1,212 +0,0 @@ -function agp() { - echo $AWS_PROFILE -} - -# AWS profile selection -function asp() { - if [[ -z "$1" ]]; then - unset AWS_DEFAULT_PROFILE AWS_PROFILE AWS_EB_PROFILE - echo AWS profile cleared. - return - fi - - local -a available_profiles - available_profiles=($(aws_profiles)) - if [[ -z "${available_profiles[(r)$1]}" ]]; then - echo "${fg[red]}Profile '$1' not found in '${AWS_CONFIG_FILE:-$HOME/.aws/config}'" >&2 - echo "Available profiles: ${(j:, :)available_profiles:-no profiles found}${reset_color}" >&2 - return 1 - fi - - export AWS_DEFAULT_PROFILE=$1 - export AWS_PROFILE=$1 - export AWS_EB_PROFILE=$1 - - if [[ "$2" == "login" ]]; then - aws sso login - fi -} - -# AWS profile switch -function acp() { - if [[ -z "$1" ]]; then - unset AWS_DEFAULT_PROFILE AWS_PROFILE AWS_EB_PROFILE - unset AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN - echo AWS profile cleared. - return - fi - - local -a available_profiles - available_profiles=($(aws_profiles)) - if [[ -z "${available_profiles[(r)$1]}" ]]; then - echo "${fg[red]}Profile '$1' not found in '${AWS_CONFIG_FILE:-$HOME/.aws/config}'" >&2 - echo "Available profiles: ${(j:, :)available_profiles:-no profiles found}${reset_color}" >&2 - return 1 - fi - - local profile="$1" - local mfa_token="$2" - - # Get fallback credentials for if the aws command fails or no command is run - local aws_access_key_id="$(aws configure get aws_access_key_id --profile $profile)" - local aws_secret_access_key="$(aws configure get aws_secret_access_key --profile $profile)" - local aws_session_token="$(aws configure get aws_session_token --profile $profile)" - - - # First, if the profile has MFA configured, lets get the token and session duration - local mfa_serial="$(aws configure get mfa_serial --profile $profile)" - local sess_duration="$(aws configure get duration_seconds --profile $profile)" - - if [[ -n "$mfa_serial" ]]; then - local -a mfa_opt - if [[ -z "$mfa_token" ]]; then - echo -n "Please enter your MFA token for $mfa_serial: " - read -r mfa_token - fi - if [[ -z "$sess_duration" ]]; then - echo -n "Please enter the session duration in seconds (900-43200; default: 3600, which is the default maximum for a role): " - read -r sess_duration - fi - mfa_opt=(--serial-number "$mfa_serial" --token-code "$mfa_token" --duration-seconds "${sess_duration:-3600}") - fi - - # Now see whether we need to just MFA for the current role, or assume a different one - local role_arn="$(aws configure get role_arn --profile $profile)" - local sess_name="$(aws configure get role_session_name --profile $profile)" - - if [[ -n "$role_arn" ]]; then - # Means we need to assume a specified role - aws_command=(aws sts assume-role --role-arn "$role_arn" "${mfa_opt[@]}") - - # Check whether external_id is configured to use while assuming the role - local external_id="$(aws configure get external_id --profile $profile)" - if [[ -n "$external_id" ]]; then - aws_command+=(--external-id "$external_id") - fi - - # Get source profile to use to assume role - local source_profile="$(aws configure get source_profile --profile $profile)" - if [[ -z "$sess_name" ]]; then - sess_name="${source_profile:-profile}" - fi - aws_command+=(--profile="${source_profile:-profile}" --role-session-name "${sess_name}") - - echo "Assuming role $role_arn using profile ${source_profile:-profile}" - else - # Means we only need to do MFA - aws_command=(aws sts get-session-token --profile="$profile" "${mfa_opt[@]}") - echo "Obtaining session token for profile $profile" - fi - - # Format output of aws command for easier processing - aws_command+=(--query '[Credentials.AccessKeyId,Credentials.SecretAccessKey,Credentials.SessionToken]' --output text) - - # Run the aws command to obtain credentials - local -a credentials - credentials=(${(ps:\t:)"$(${aws_command[@]})"}) - - if [[ -n "$credentials" ]]; then - aws_access_key_id="${credentials[1]}" - aws_secret_access_key="${credentials[2]}" - aws_session_token="${credentials[3]}" - fi - - # Switch to AWS profile - if [[ -n "${aws_access_key_id}" && -n "$aws_secret_access_key" ]]; then - export AWS_DEFAULT_PROFILE="$profile" - export AWS_PROFILE="$profile" - export AWS_EB_PROFILE="$profile" - export AWS_ACCESS_KEY_ID="$aws_access_key_id" - export AWS_SECRET_ACCESS_KEY="$aws_secret_access_key" - - if [[ -n "$aws_session_token" ]]; then - export AWS_SESSION_TOKEN="$aws_session_token" - else - unset AWS_SESSION_TOKEN - fi - - echo "Switched to AWS Profile: $profile" - fi -} - -function aws_change_access_key() { - if [[ -z "$1" ]]; then - echo "usage: $0 " - return 1 - fi - - echo "Insert the credentials when asked." - asp "$1" || return 1 - AWS_PAGER="" aws iam create-access-key - AWS_PAGER="" aws configure --profile "$1" - - echo "You can now safely delete the old access key running \`aws iam delete-access-key --access-key-id ID\`" - echo "Your current keys are:" - AWS_PAGER="" aws iam list-access-keys -} - -function aws_profiles() { - [[ -r "${AWS_CONFIG_FILE:-$HOME/.aws/config}" ]] || return 1 - grep --color=never -Eo '\[.*\]' "${AWS_CONFIG_FILE:-$HOME/.aws/config}" | sed -E 's/^[[:space:]]*\[(profile)?[[:space:]]*([^[:space:]]+)\][[:space:]]*$/\2/g' -} - -function _aws_profiles() { - reply=($(aws_profiles)) -} -compctl -K _aws_profiles asp acp aws_change_access_key - -# AWS prompt -function aws_prompt_info() { - [[ -n "$AWS_PROFILE" ]] || return - echo "${ZSH_THEME_AWS_PREFIX=}" -} - -if [[ "$SHOW_AWS_PROMPT" != false && "$RPROMPT" != *'$(aws_prompt_info)'* ]]; then - RPROMPT='$(aws_prompt_info)'"$RPROMPT" -fi - - -# Load awscli completions - -# AWS CLI v2 comes with its own autocompletion. Check if that is there, otherwise fall back -if command -v aws_completer &> /dev/null; then - autoload -Uz bashcompinit && bashcompinit - complete -C aws_completer aws -else - function _awscli-homebrew-installed() { - # check if Homebrew is installed - (( $+commands[brew] )) || return 1 - - # speculatively check default brew prefix - if [ -h /usr/local/opt/awscli ]; then - _brew_prefix=/usr/local/opt/awscli - else - # ok, it is not in the default prefix - # this call to brew is expensive (about 400 ms), so at least let's make it only once - _brew_prefix=$(brew --prefix awscli) - fi - } - - # get aws_zsh_completer.sh location from $PATH - _aws_zsh_completer_path="$commands[aws_zsh_completer.sh]" - - # otherwise check common locations - if [[ -z $_aws_zsh_completer_path ]]; then - # Homebrew - if _awscli-homebrew-installed; then - _aws_zsh_completer_path=$_brew_prefix/libexec/bin/aws_zsh_completer.sh - # Ubuntu - elif [[ -e /usr/share/zsh/vendor-completions/_awscli ]]; then - _aws_zsh_completer_path=/usr/share/zsh/vendor-completions/_awscli - # NixOS - elif [[ -e "${commands[aws]:P:h:h}/share/zsh/site-functions/aws_zsh_completer.sh" ]]; then - _aws_zsh_completer_path="${commands[aws]:P:h:h}/share/zsh/site-functions/aws_zsh_completer.sh" - # RPM - else - _aws_zsh_completer_path=/usr/share/zsh/site-functions/aws_zsh_completer.sh - fi - fi - - [[ -r $_aws_zsh_completer_path ]] && source $_aws_zsh_completer_path - unset _aws_zsh_completer_path _brew_prefix -fi