-
Notifications
You must be signed in to change notification settings - Fork 22
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adds profiles autocompletion, new aven function, reads AWS_VAULT if profile not specified #16
base: main
Are you sure you want to change the base?
Conversation
This adds support to read current aws profile and use it to fire avll avli and others without need to repeat profile This also introduces aven function which basically allows to switch aws-vault profiles without executing to new shell just setting correct envs in current running shell
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@gacopl thanks for your time in putting this together! there are a few items that should be addressed before we can merge this. if you have time to take a look, I'll be happy to re-review.
aws-vault login -s $aws_profile | ||
} | ||
|
||
function aven() { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I like the idea behind this. I've definitely run into it a few times in the past.
aven
feels related to ave
when, to the user, they don't really need to know that you're doing an aws-vault
exec under the hood. What do you think about, instead, calling this avn
("aws-vault new")?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
what this really does is instead of spawning subshell it exports tokens to current shell hence aven - Aws-Vault ENv ;) but i dont really care how its called :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh, alright - I see where you were going with this. I like avenv
!
unset AWS_SESSION_EXPIRATION | ||
unset AWS_SESSION_TOKEN | ||
unset AWS_VAULT | ||
export $(aws-vault exec $aws_profile -- env | grep AWS) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think we'll need to retain the case statement (case ${AWS_VAULT_PL_MFA} in
) to support yubikey devices (see avsh
and avli
below).
Since that code's duplicated a few places, you might even consider breaking out a helper method.
This adds
aven - function performs executes ave and imports AWS tokens to current running shell instead of starting new shell allowing to switching profiles without switching shell
read AWS_VAULT variable when profile not specified - for example after you ran ave and want to fire avli with same profile you dont have to type it, it will take profile name from env var
autocompletion completes with ~/.aws/config profile names commands avl avll avli and so on allowing for faster typing and switches