Sha256: bd053af817fad1f0f2edf728885ba1ad106b0069f32f9996dd04e46a4adf05ab

Contents?: true

Size: 1.13 KB

Versions: 4

Compression:

Stored size: 1.13 KB

Contents

module AwsMfaSecure
  class Exports < Base
    def initialize(options={})
      @options = options
      @aws_profile = aws_profile
    end

    def run
      # Allow use `aws-mfa-secure exports --no-mfa`
      # This bypasses the check for mfa_serial being configured in the ~/.aws/credentials profile
      # Useful if we want to grab temporary AWS_xxx credentials for testing.
      if @options[:mfa] == false
        resp = sts.get_session_token
        puts script(resp.credentials)
        return
      end

      unless iam_mfa?
        $stderr.puts "WARN: mfa_serial is not configured for this AWS_PROFILE=#{@aws_profile}"
        $stderr.puts "If you want to use exports without this mfa_serial check. Use the --no-mfa option."
        return
      end

      if fetch_creds?
        resp = get_session_token
        save_creds(resp.credentials.to_h)
      end

      puts script(credentials)
    end

    def script(creds)
      <<~EOL
        export AWS_ACCESS_KEY_ID=#{creds["access_key_id"]}
        export AWS_SECRET_ACCESS_KEY=#{creds["secret_access_key"]}
        export AWS_SESSION_TOKEN=#{creds["session_token"]}
      EOL
    end
  end
end

Version data entries

4 entries across 4 versions & 1 rubygems

Version Path
aws-mfa-secure-0.4.5 lib/aws_mfa_secure/exports.rb
aws-mfa-secure-0.4.4 lib/aws_mfa_secure/exports.rb
aws-mfa-secure-0.4.3 lib/aws_mfa_secure/exports.rb
aws-mfa-secure-0.4.2 lib/aws_mfa_secure/exports.rb