Class: AwsSessionToken::CLI
- Inherits:
-
Object
- Object
- AwsSessionToken::CLI
- Defined in:
- lib/aws_session_token/cli.rb
Overview
Execute the process for getting & updating the session token.
Instance Attribute Summary collapse
-
#options ⇒ Object
Returns the value of attribute options.
Instance Method Summary collapse
-
#initialize ⇒ CLI
constructor
A new instance of CLI.
- #mfa_device ⇒ Object
- #run ⇒ Object
- #session_token(mfa_device, otp) ⇒ Object
- #set_aws_creds ⇒ Object
- #token_prompt ⇒ Object
- #validate_creds_file ⇒ Object
Constructor Details
#initialize ⇒ CLI
Returns a new instance of CLI.
28 29 30 31 32 |
# File 'lib/aws_session_token/cli.rb', line 28 def initialize @options = Options.new @creds_file = CredentialsFile.new @console = Console.new end |
Instance Attribute Details
#options ⇒ Object
Returns the value of attribute options.
26 27 28 |
# File 'lib/aws_session_token/cli.rb', line 26 def @options end |
Instance Method Details
#mfa_device ⇒ Object
66 67 68 69 70 71 72 73 74 75 76 |
# File 'lib/aws_session_token/cli.rb', line 66 def mfa_device iam_client = Aws::IAM::Client.new params = { max_items: 1 } params[:user_name] = @options.user if @options.user response = iam_client.list_mfa_devices(params) list = response.mfa_devices return list[0].serial_number unless list.nil? || list.empty? warn "\nSpecified profile/user doesn't have MFA device." warn "\nScript execution unnecessary." exit end |
#run ⇒ Object
34 35 36 37 38 39 40 41 42 43 |
# File 'lib/aws_session_token/cli.rb', line 34 def run @options.parse(ARGV) validate_creds_file set_aws_creds mfa = mfa_device token = @options.token || token_prompt creds = session_token(mfa, token) @creds_file.write(@options.credentials_file, @options.session_profile, creds) if @options.session_profile @console.write(creds) if @options.console end |
#session_token(mfa_device, otp) ⇒ Object
83 84 85 86 87 88 89 90 91 |
# File 'lib/aws_session_token/cli.rb', line 83 def session_token(mfa_device, otp) @sts_client = Aws::STS::Client.new resp = @sts_client.get_session_token( duration_seconds: @options.duration, serial_number: mfa_device, token_code: otp.to_s ) resp.credentials end |
#set_aws_creds ⇒ Object
58 59 60 61 62 63 64 |
# File 'lib/aws_session_token/cli.rb', line 58 def set_aws_creds credentials = Aws::SharedCredentials.new(path: @options.credentials_file, profile_name: @options.profile) Aws.config.update(credentials: credentials) rescue Aws::Errors::NoSuchProfileError warn "\nSpecified AWS Profile doesn't exist: #{@options.profile}" exit 1 end |
#token_prompt ⇒ Object
78 79 80 81 |
# File 'lib/aws_session_token/cli.rb', line 78 def token_prompt cli = HighLine.new cli.ask "Specify the OTP Token for the profile #{@options.profile}:" end |
#validate_creds_file ⇒ Object
45 46 47 48 49 50 51 52 53 54 55 56 |
# File 'lib/aws_session_token/cli.rb', line 45 def validate_creds_file return if File.exist?(@options.credentials_file) && File.writable?(@options.credentials_file) unless File.exist?(@options.credentials_file) raise( ArgumentError, "Specified credentials file is missing: #{@options.credentials_file}" ) end raise( ArgumentError, "Specified credentials file cannot be modified by current user: #{@options.credentials_file}" ) end |