Skip to content

Instantly share code, notes, and snippets.

@philpennock

philpennock/aws

Created Feb 27, 2018
Embed
What would you like to do?
shim script for aws to use aws-vault as needed
#!/bin/sh -eu
aws=/usr/local/bin/aws
die() { printf >&2 '%s: %s\n' "$0" "$*"; exit 1; }
if ! [ -x "$aws" ]; then
case $0 in
/*) ;;
*) die "missing '${aws}' and not invoked with absolute path to skip self" ;;
esac
for candidate in $(which -a aws); do
[ "$candidate" != "$0" ] || continue
aws="$candidate"
break
done
[ -x "$aws" ] || die "missing an executable aws other than the shim"
fi
for last; do true; done
if [ "${1:-}" = "help" ] || [ "${last:-}" = "--help" ] || [ "${last:-}" = "help" ]; then
exec "$aws" "$@"
fi
# Already have an auth-token, avoid re-hitting aws-vault
if [ -n "${AWS_SESSION_TOKEN:-}" ]; then
exec "$aws" "$@"
fi
if [ -n "${AWS_ACCESS_KEY_ID:-}" ] && [ -n "${AWS_SECRET_ACCESS_KEY:-}" ]; then
exec "$aws" "$@"
fi
if [ -n "${AWS_PROFILE:-}" ]; then
exec aws-vault exec "$AWS_PROFILE" -- "$aws" "$@"
fi
die "missing credentials to choose dispatch to next-in-chain aws"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.