| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667 |
- #!/bin/bash
- # Runs the same aws CLI command in "most" of the defined profiles
- # in $HOME/.aws/config
- #
- # You can pass in via an environment variable a "profile set"
- # of either "commercial", "govcloud", or "both". Default is "both"
- #
- # Does an "aws sts get-caller-identity" to confirm that your AssumeRole
- # and other necessities are properly set up before attempting to call the
- # actual AWS command.
- #
- # PROFILE_SET=commercial aws-all.sh ec2 describe-instances
- #
- set -eu -o pipefail
- AWS=${AWS:-/usr/local/bin/aws}
- PROFILE_SET=${PROFILE_SET:-both}
- ALL_PROFILES=$( egrep "\[profile" ~/.aws/config | \
- awk '{ print $2 }' | \
- sed "s/\]//" | \
- egrep -v "default|commercial|govcloud" )
- COMMERCIAL_PROFILES=""
- GOVCLOUD_PROFILES=""
- for i in $ALL_PROFILES; do
- if [[ "$i" =~ -gov$ ]]; then
- GOVCLOUD_PROFILES="$GOVCLOUD_PROFILES $i"
- else
- COMMERCIAL_PROFILES="$COMMERCIAL_PROFILES $i"
- fi
- done
- case $PROFILE_SET in
- both)
- PROFILES="$COMMERCIAL_PROFILES $GOVCLOUD_PROFILES"
- ;;
-
- govcloud)
- PROFILES="$GOVCLOUD_PROFILES"
- ;;
- commercial)
- PROFILES="$COMMERCIAL_PROFILES"
- ;;
- esac
- for i in $PROFILES; do
- echo "======================================================================================"
- export AWS_PROFILE=$i
-
- set +e
- ${AWS} sts get-caller-identity > /dev/null 2>&1
- RC=$?
- set -e
- if [[ $RC -eq 0 ]]; then
- echo "GetCallerIdentity (AssumeRole Test) for $i OK"
- echo delete-iam-user.py CloudCheckrUser
- delete-iam-user.py CloudCheckrUser
- else
- echo "GetCallerIdentity (AssumeRole Test) for $i FAILED"
- fi
- done
|
