Example #1
0
def validate_config_file():
    if not os.path.isfile(config.AWS_ASSUME_CONFIG_PATH):
        util.error_log(
            f'Could not locate configuration file at "{config.AWS_ASSUME_CONFIG_PATH}"',
            _exit=False)
        util.info_log(f"Run `aws-sessions-switcher configure` to create one")
        sys.exit(1)
Example #2
0
 def list_roles(self, project_name, environment, printable=False) -> []:
     validate_config_file()
     roles = []
     for env, details in self.all_projects_config.items():
         if details.get('project_name') and project_name == details[
                 'project_name'] and environment == details[
                     'project_environment']:
             roles.append(details['role_name'])
             if printable:
                 util.info_log(
                     f"{details['role_name']} => {details['role_arn']}")
     return roles
Example #3
0
def perform_reset():
    if os.path.exists(config.AWS_ASSUME_CONFIG_PATH):
        try:
            ans = config_collector.ConfirmationDialog(
                f'This file => "{config.AWS_ASSUME_CONFIG_PATH}" will be deleted. '
                f'Are you sure you want to perform a reset?: ').get_answer()
            if ans:
                os.remove(config.AWS_ASSUME_CONFIG_PATH)
                util.info_log(
                    f'The file "{config.AWS_ASSUME_CONFIG_PATH}" is deleted')
        except Exception:
            util.error_log(
                f'The file "{config.AWS_ASSUME_CONFIG_PATH}" could not be deleted'
            )
    else:
        util.error_log(
            f'The file "{config.AWS_ASSUME_CONFIG_PATH}" does not exist')
    pass
Example #4
0
    def assume_role(self, project_name, environment, role):
        project_config = self.all_projects_config[
            f'{project_name}-{environment}']
        util.info_log(
            f"Attempting to assume role: \"{role}\" using ARN: \"{project_config['role_arn']}\" "
            f"on project: {project_name}")
        if project_config['mfa_required']:
            session_name = f"session-{project_name}-{environment}"
            mfa_token = config_collector.InputDialog(
                f"MFA TOKEN for device {project_config['mfa_device_arn']}"
            ).get_answer()
            session_creds = aws_client.get_sts_credentials(
                project_name, project_config, mfa_token, session_name)
            options = [
                ('aws_access_key_id', 'AccessKeyId'),
                ('aws_secret_access_key', 'SecretAccessKey'),
                ('aws_session_token', 'SessionToken'),
                ('aws_security_token', 'SessionToken'),
            ]

            new_session = {
                k: session_creds['Credentials'][v]
                for k, v in options
            }
            new_session.update({
                'expiration':
                session_creds['Credentials']['Expiration'].strftime(
                    config.EXPIRATION_TIMESTAMP_FORMAT)
            })
            config_parser_util.replace_config_section(
                config.AWS_ASSUME_CONFIG_PATH, session_name, new_session)

            # replace the default profile in the AWS_CREDS file
            config_parser_util.replace_config_section(config.AWS_CREDS_PATH,
                                                      'default', new_session)
            print(util.green_text('- SUCCESS!'))
        else:
            print(
                util.red_text(
                    'ALL PROJECT CONFIGS ARE EXPECTED TO HAVE MFA ENABLED, AS OF THIS VERSION. !'
                ))
            sys.exit(1)