def test_overwrite_default_profile(self):
credentials_filename = self.tempdir + 'credentials'
with open(credentials_filename, "w") as credentials_file:
credentials_file.write((
'[default]\n'
'aws_access_key_id = AccessKeyIdToOverwrite\n'
'aws_secret_access_key = SecretAccessKeyToOverwrite\n'
'aws_session_token = TokenToOverwrite\n'
'aws_security_token = TokenToOverwrite\n\n'
))
aws_credentials_file.write({
'AWS_ACCESS_KEY_ID': 'AccessKeyId',
'AWS_SECRET_ACCESS_KEY': 'SecretAccessKey',
'AWS_SESSION_TOKEN': 'Token',
'AWS_SECURITY_TOKEN': 'Token',
'AWS_EXPIRATION_DATE': 'Expiration'
}, credentials_filename)
self.assertEqual(open(credentials_filename).read(), (
'[default]\n'
'aws_access_key_id = AccessKeyId\n'
'aws_secret_access_key = SecretAccessKey\n'
'aws_session_token = Token\n'
'aws_security_token = Token\n\n'
))
def main():
"""Main function for script execution"""
arguments = docopt(__doc__)
if arguments['--debug']:
global DEBUG
DEBUG = True
debug(arguments)
try:
config = load_config()
except Exception as exc:
error("Failed to load configuration: %s" % exc)
api_url = arguments['--api-url'] or config.get('api_url') or \
'https://{fqdn}/afp-api/latest'.format(fqdn=get_default_afp_server())
username = arguments['--user'] or config.get("user") or getpass.getuser()
password = '******' if arguments['--no-ask-pw'] else get_password(username)
federation_client = AWSFederationClientCmd(api_url=api_url,
username=username,
password=password)
if arguments['<accountname>']:
account = arguments['<accountname>']
role = arguments['<rolename>'] or get_first_role(federation_client, account)
aws_credentials = get_aws_credentials(federation_client, account, role)
if arguments['--show']:
print(cli.format_aws_credentials(aws_credentials))
elif arguments['--export']:
if os.name == "nt":
print(cli.format_aws_credentials(aws_credentials, prefix='set '))
else:
print(cli.format_aws_credentials(aws_credentials, prefix='export '))
elif arguments['--write']:
aws_credentials_file.write(aws_credentials)
else:
print("Entering AFP subshell for account {0}, role {1}.".format(
account, role))
try:
if os.name == "nt":
start_subcmd(aws_credentials=aws_credentials, role=role, account=account)
else:
start_subshell(aws_credentials=aws_credentials, role=role, account=account)
except Exception as exc:
error("Failed to start subshell: %s" % exc)
else:
try:
print(cli.format_account_and_role_list(federation_client.get_account_and_role_list()))
except Exception as exc:
error("Failed to get account list from AWS: %s" % exc)
def test_write_profile_to_new_file(self):
credentials_filename = self.tempdir + 'credentials'
aws_credentials_file.write({
'AWS_ACCESS_KEY_ID': 'AccessKeyId',
'AWS_SECRET_ACCESS_KEY': 'SecretAccessKey',
'AWS_SESSION_TOKEN': 'Token',
'AWS_SECURITY_TOKEN': 'Token',
'AWS_EXPIRATION_DATE': 'Expiration'
}, credentials_filename, 'profile')
self.assertEqual(open(credentials_filename).read(), (
'[profile]\n'
'aws_access_key_id = AccessKeyId\n'
'aws_secret_access_key = SecretAccessKey\n'
'aws_session_token = Token\n'
'aws_security_token = Token\n\n'
))