Created
May 7, 2020 07:52
-
-
Save thauanz/21e83cc9f6f759485b6d9cfe76b3e170 to your computer and use it in GitHub Desktop.
JumpCloud Script to configurate and login
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
set -euo pipefail | |
set -o allexport | |
# https://github.com/Versent/saml2aws#install | |
# https://anunknown.dev/articles/connecting-to-aws-using-saml | |
CMD=saml2aws | |
IDP_ACCOUNT=controller | |
IDP_PROVIDER=JumpCloud | |
URL=https://sso.jumpcloud.com/saml2/blablablablalba | |
SESSION_DURATION=43200 # 24 hours | |
PASSWORD=$(openssl rand -base64 12) | |
REGION=ap-southeast-2 | |
## + config: | |
## configure has to happen only once | |
## ./jumpcloud.sh config your-email | |
config() { | |
USERNAME=${1} | |
$CMD configure \ | |
--idp-account=$IDP_ACCOUNT \ | |
--idp-provider=$IDP_PROVIDER \ | |
--mfa='Auto' \ | |
--url=$URL \ | |
--username=$USERNAME \ | |
--region=$REGION \ | |
--session-duration=$SESSION_DURATION \ | |
--disable-keychain \ | |
--skip-prompt | |
echo "A file was generated in your local path ~/.saml2aws" | |
} | |
## + login: | |
## will login in the provider to select AWS account | |
## The name followed with the command will be the profile setting up in your machine | |
## ./jumpcloud.sh login name-of-profile | |
login() { | |
# aws profile name | |
PROFILE=${1} | |
$CMD login \ | |
-a $IDP_ACCOUNT \ | |
-p $PROFILE \ | |
--region=$REGION \ | |
--disable-keychain \ | |
--force | |
} | |
## + help: | |
## show menu options | |
help() { | |
echo "Help commands:" | |
sed -n 's/^##//p' ${0} | column -t -s ':' | sed -e 's/^/ /' | |
} | |
function run { | |
arg=${1:-help} | |
case "$arg" in | |
config) | |
config ${2} | |
;; | |
login) | |
login ${2:-dev} | |
;; | |
help) | |
help | |
exit 0 | |
esac | |
} | |
run "$@"; | |
set +o allexport |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment