glennschler/algo-ec2-vault.sh

## algo-ec2-vault.sh
#!/usr/bin/env bash
set -e

# Get secrets from ansible vault
ec2credentials=$(ansible-vault view ./aws-secrets.vault.yml | sed -E "s/aws_access_key = ([^ ]+)|aws_secret_key = ([^ ]+)|aws_mfa_serial = ([^ ]+)/\1\2\3/g")

export AWS_ACCESS_KEY_ID=$(echo $ec2credentials | cut -d' ' -f1)
export AWS_SECRET_ACCESS_KEY=$(echo $ec2credentials | cut -d' ' -f2)

exec ./algo $1 -e "aws_mfa_serial=$(echo $ec2credentials | cut -d' ' -f3)"

## algo-vault.sh
# have the algo playbook prompt for the vault password
# vault should store the aws secrets
./algo --vault-id @prompt -e @vars/aws_secrets.yml
	#!/usr/bin/env bash
	set -e

	# Get secrets from ansible vault
	ec2credentials=$(ansible-vault view ./aws-secrets.vault.yml \| sed -E "s/aws_access_key = ([^ ]+)\|aws_secret_key = ([^ ]+)\|aws_mfa_serial = ([^ ]+)/\1\2\3/g")

	export AWS_ACCESS_KEY_ID=$(echo $ec2credentials \| cut -d' ' -f1)
	export AWS_SECRET_ACCESS_KEY=$(echo $ec2credentials \| cut -d' ' -f2)

	exec ./algo $1 -e "aws_mfa_serial=$(echo $ec2credentials \| cut -d' ' -f3)"
	# have the algo playbook prompt for the vault password
	# vault should store the aws secrets
	./algo --vault-id @prompt -e @vars/aws_secrets.yml