Skip to content

Instantly share code, notes, and snippets.

@danieljimenez
Created August 15, 2017 16:26
Show Gist options
  • Save danieljimenez/4d283746fd814d751de6f4a2266da4a9 to your computer and use it in GitHub Desktop.
Save danieljimenez/4d283746fd814d751de6f4a2266da4a9 to your computer and use it in GitHub Desktop.
[toplevel]
whoami = sts get-caller-identity
test =
!f() {
/bin/ps -x
}; f
flip-account-skylab =
!f() {
temp_role=$(aws sts assume-role \
--role-arn "arn:aws:iam::153020297428:role/ForeFlightMainAccount" \
--role-session-name "$(whoami)0")
cat <<-EOF
export AWS_ACCESS_KEY_ID=$(echo $temp_role | jq .Credentials.AccessKeyId | xargs)
export AWS_SECRET_ACCESS_KEY=$(echo $temp_role | jq .Credentials.SecretAccessKey | xargs)
export AWS_SESSION_TOKEN=$(echo $temp_role | jq .Credentials.SessionToken | xargs)
EOF
}; f
flip-account-dev =
!f() {
temp_role=$(aws sts assume-role \
--role-arn "arn:aws:iam::812502887725:role/ForeFlightMainAccount" \
--role-session-name "$(whoami)0")
cat <<-EOF
export AWS_ACCESS_KEY_ID=$(echo $temp_role | jq .Credentials.AccessKeyId | xargs)
export AWS_SECRET_ACCESS_KEY=$(echo $temp_role | jq .Credentials.SecretAccessKey | xargs)
export AWS_SESSION_TOKEN=$(echo $temp_role | jq .Credentials.SessionToken | xargs)
EOF
}; f
flip-account-mapping =
!f() {
temp_role=$(aws sts assume-role \
--role-arn "arn:aws:iam::627206184244:role/ForeFlightMainAccount" \
--role-session-name "$(whoami)0")
cat <<-EOF
export AWS_ACCESS_KEY_ID=$(echo $temp_role | jq .Credentials.AccessKeyId | xargs)
export AWS_SECRET_ACCESS_KEY=$(echo $temp_role | jq .Credentials.SecretAccessKey | xargs)
export AWS_SESSION_TOKEN=$(echo $temp_role | jq .Credentials.SessionToken | xargs)
EOF
}; f
flip-account-marketing =
!f() {
temp_role=$(aws sts assume-role \
--role-arn "arn:aws:iam::486628126860:role/ForeFlightMarketingAccount" \
--role-session-name "$(whoami)0")
cat <<-EOF
export AWS_ACCESS_KEY_ID=$(echo $temp_role | jq .Credentials.AccessKeyId | xargs)
export AWS_SECRET_ACCESS_KEY=$(echo $temp_role | jq .Credentials.SecretAccessKey | xargs)
export AWS_SESSION_TOKEN=$(echo $temp_role | jq .Credentials.SessionToken | xargs)
EOF
}; f
flip-account-gis =
!f() {
temp_role=$(aws sts assume-role \
--role-arn "arn:aws:iam::269525278987:role/ForeFlightMainAccount" \
--role-session-name "$(whoami)0")
cat <<-EOF
export AWS_ACCESS_KEY_ID=$(echo $temp_role | jq .Credentials.AccessKeyId | xargs)
export AWS_SECRET_ACCESS_KEY=$(echo $temp_role | jq .Credentials.SecretAccessKey | xargs)
export AWS_SESSION_TOKEN=$(echo $temp_role | jq .Credentials.SessionToken | xargs)
EOF
}; f
flip-account-qa =
!f() {
temp_role=$(aws sts assume-role \
--role-arn "arn:aws:iam::214058376990:role/ForeFlightMainAccount" \
--role-session-name "$(whoami)0")
cat <<-EOF
export AWS_ACCESS_KEY_ID=$(echo $temp_role | jq .Credentials.AccessKeyId | xargs)
export AWS_SECRET_ACCESS_KEY=$(echo $temp_role | jq .Credentials.SecretAccessKey | xargs)
export AWS_SESSION_TOKEN=$(echo $temp_role | jq .Credentials.SessionToken | xargs)
EOF
}; f
flip-account-prod =
!f() {
temp_role=$(aws sts assume-role \
--role-arn "arn:aws:iam::590434647242:role/ForeFlightMainAccount" \
--role-session-name "$(whoami)0")
cat <<-EOF
export AWS_ACCESS_KEY_ID=$(echo $temp_role | jq .Credentials.AccessKeyId | xargs)
export AWS_SECRET_ACCESS_KEY=$(echo $temp_role | jq .Credentials.SecretAccessKey | xargs)
export AWS_SESSION_TOKEN=$(echo $temp_role | jq .Credentials.SessionToken | xargs)
EOF
}; f
docker-ecr-login =
!f() {
region=$(aws configure get region)
endpoint=$(aws ecr get-authorization-token --region $region --output text --query authorizationData[].proxyEndpoint)
passwd=$(aws ecr get-authorization-token --region $region --output text --query authorizationData[].authorizationToken | base64 --decode | cut -d: -f2)
docker login -u AWS -p $passwd $endpoint
}; f
get-private-ip-address =
!f() {
if [ -n "${1}" ]; then
aws ec2 describe-instances --query Reservations[].Instances[].PrivateIpAddress --output text --instance-id $1
else
echo 'Pass in an instance id...' && exit 1
fi
}; f
ssh =
!f() {
private_ip_address=$(aws get-private-ip-address $1)
if [ -n "${private_ip_address}" ]; then
ssh ec2-user@${private_ip_address} -o 'ConnectTimeout 30' -o 'UserKnownHostsFile /dev/null' -o 'ForwardAgent yes' -o 'RemoteForward 127.0.0.1:52698 127.0.0.1:52698';
fi
}; f
find-access-key = !f() {
clear_to_eol=$(tput el)
for i in $(aws iam list-users --query "Users[].UserName" --output text); do
printf "\r%sSearching...$i" "${clear_to_eol}"
result=$(aws iam list-access-keys --output text --user-name "${i}" --query "AccessKeyMetadata[?AccessKeyId=='${1}'].UserName";)
if [ -n "${result}" ]; then
printf "\r%s%s is owned by %s.\n" "${lear_to_eol}" "$1" "${result}"
break
fi
done
if [ -z "${result}" ]; then
printf "\r%sKey not found." "${clear_to_eol}"
fi
}; f
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment