@MasahiroKawahara
Last active July 14, 2023 06:36
AWS CLI aliases for working with IAM Identity Center users and groups (.aws/cli/alias)
[toplevel]
whoami = sts get-caller-identity
### IAM Identity Center (SSO)
sso-store-id = sso-admin list-instances \
    --query "Instances[0].IdentityStoreId" --output text
sso-user-id =
    !f() {
        store_id="$1"
        user_email="$2"
        aws identitystore get-user-id --output text \
            --identity-store-id "$store_id" \
            --alternate-identifier "{\"UniqueAttribute\":{\"AttributePath\":\"emails.value\",\"AttributeValue\":\"${user_email}\"}}" \
            --query "UserId"
    }; f
sso-group-id =
    !f() {
        store_id="$1"
        group_name="$2"
        aws identitystore get-group-id --output text \
            --identity-store-id "$store_id" \
            --alternate-identifier "{\"UniqueAttribute\":{\"AttributePath\":\"displayName\",\"AttributeValue\":\"${group_name}\"}}" \
            --query "GroupId"
    }; f
sso-create-membership =
    !f() {
        store_id="$1"
        group_name="$2"
        user_email="$3"
        group_id=$(aws sso-group-id "$store_id" "$group_name")
        user_id=$(aws sso-user-id "$store_id" "$user_email")
        if [ "$group_id" != "" ] && [ "$user_id" != "" ]; then
            aws identitystore create-group-membership \
                --identity-store-id "$store_id" \
                --group-id "$group_id" \
                --member-id UserId="$user_id"
        fi
    }; f
sso-membership =
    !f() {
        store_id="$1"
        group_name="$2"
        user_email="$3"
        group_id=$(aws sso-group-id "$store_id" "$group_name")
        user_id=$(aws sso-user-id "$store_id" "$user_email")
        if [ "$group_id" != "" ] && [ "$user_id" != "" ]; then
            aws identitystore get-group-membership-id --output text \
                --identity-store-id "$store_id" \
                --group-id "$group_id" \
                --member-id UserId="$user_id" \
                --query "MembershipId"
        fi
    }; f
sso-delete-membership =
    !f() {
        store_id="$1"
        group_name="$2"
        user_email="$3"
        membership_id=$(aws sso-membership "$store_id" "$group_name" "$user_email")
        if [ "$membership_id" != "" ]; then
            aws identitystore delete-group-membership \
                --identity-store-id "$store_id" \
                --membership-id "$membership_id"
        fi
    }; f
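As an added example (not part of the gist), the lookup-then-act flow behind the sso-* aliases written as plain shell functions so it can be run offline without AWS credentials: the aws command is replaced by a stub function backed by a constructed identity store, so the store id (d-0000000000), the e-mail addresses and the group name Admins are all constructed sample values. sso_create_membership calls sso_group_id and sso_user_id directly rather than through aliases, and, unlike the alias, it exits non-zero with a message when either lookup fails instead of silently doing nothing.

```shell
#!/bin/sh
# Added example, not code from the gist. The real `aws` CLI is replaced by a
# stub function over a constructed identity store so the flow runs offline.

STORE_ID="d-0000000000"   # constructed sample identity store id

# Stub standing in for `aws identitystore ...`; only the three calls the
# membership flow needs. Unknown stores/users/groups behave like the real CLI:
# an error on stderr, nothing on stdout, non-zero exit.
aws() {
  svc="$1"; op="$2"; shift 2
  store=""; alt=""; group=""; member=""
  while [ $# -gt 0 ]; do
    case "$1" in
      --identity-store-id)    store="$2";  shift 2 ;;
      --alternate-identifier) alt="$2";    shift 2 ;;
      --group-id)             group="$2";  shift 2 ;;
      --member-id)            member="$2"; shift 2 ;;
      --output|--query)       shift 2 ;;
      *)                      shift ;;
    esac
  done
  [ "$store" = "$STORE_ID" ] || { echo "ResourceNotFoundException" >&2; return 1; }
  case "$svc $op" in
    "identitystore get-user-id")
      case "$alt" in
        *'"AttributePath":"emails.value","AttributeValue":"alice@example.com"'*) echo "user-0001" ;;
        *'"AttributePath":"emails.value","AttributeValue":"bob@example.com"'*)   echo "user-0002" ;;
        *) echo "ResourceNotFoundException" >&2; return 1 ;;
      esac ;;
    "identitystore get-group-id")
      case "$alt" in
        *'"AttributePath":"displayName","AttributeValue":"Admins"'*) echo "group-0001" ;;
        *) echo "ResourceNotFoundException" >&2; return 1 ;;
      esac ;;
    "identitystore create-group-membership")
      # Constructed membership id derived from the two resolved ids.
      echo "membership-${group}-${member#UserId=}" ;;
    *) echo "unsupported: $svc $op" >&2; return 1 ;;
  esac
}

# Same lookups as the sso-user-id / sso-group-id aliases.
sso_user_id() {
  aws identitystore get-user-id --output text \
    --identity-store-id "$1" \
    --alternate-identifier "{\"UniqueAttribute\":{\"AttributePath\":\"emails.value\",\"AttributeValue\":\"$2\"}}" \
    --query "UserId"
}
sso_group_id() {
  aws identitystore get-group-id --output text \
    --identity-store-id "$1" \
    --alternate-identifier "{\"UniqueAttribute\":{\"AttributePath\":\"displayName\",\"AttributeValue\":\"$2\"}}" \
    --query "GroupId"
}

# Lookup-then-act: the mutating call is made only when both ids resolved.
# A failed lookup is reported and returned as an error rather than ignored.
sso_create_membership() {
  store_id="$1"; group_name="$2"; user_email="$3"
  group_id=$(sso_group_id "$store_id" "$group_name" 2>/dev/null) || group_id=""
  user_id=$(sso_user_id "$store_id" "$user_email" 2>/dev/null) || user_id=""
  if [ -n "$group_id" ] && [ -n "$user_id" ]; then
    aws identitystore create-group-membership \
      --identity-store-id "$store_id" \
      --group-id "$group_id" \
      --member-id UserId="$user_id"
  else
    echo "lookup failed: group='$group_id' user='$user_id'" >&2
    return 1
  fi
}

# Usage on the constructed data: add alice to Admins and print the membership id.
sso_create_membership "$STORE_ID" Admins alice@example.com
```

Run it with sh; because the stub is named aws, do not source it into a shell session where the real CLI is used. The alternate-identifier JSON is built by string interpolation exactly as in the aliases, so a value containing a double quote breaks the document; when the e-mail or group name does not come from a trusted operator, produce that argument with a JSON encoder instead.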