| 1234567891011121314151617181920212223242526272829303132333435363738 |
- #! /usr/local/bin/bash
- #
- # Requires a new bash than comes with OS X. Install bash from homebrew
- # via `brew install bash`
- ALL_PROFILES=$( egrep "\[profile" ~/.aws/config | \
- awk '{ print $2 }' | \
- sed "s/\]//" | \
- egrep -v "default|commercial|govcloud" )
- read -p "THIS WILL RESET THE MDRADMIN USER PASSWORD IN EVERY PROFILE. Continue [y/N]? " -n 1 -r
- if [[ $REPLY =~ ^[Yy]$ ]]; then
- echo ""
- else
- echo Exiting...
- exit 10
- fi
- echo ""
- echo "Copy and paste the following into the vault under engineering/cloud/aws/root-credits/MDRAdmin"
- echo "If there are errors, try running a second (or third) time"
- echo ""
- echo \{
-
- for p in $ALL_PROFILES; do
- NEWPASS=$( </dev/urandom LC_ALL=C tr -dc 'A-Za-z0-9@#%_+=' | head -c 32 )
- # The "@Q" syntax ensures the password is shell escaped
- aws --profile $p iam update-login-profile --user-name MDRAdmin --no-password-reset-required --password ${NEWPASS@Q} > /dev/null
- echo \ \ \"${p}\": \"${NEWPASS}\",
- done
- # Trailing comma is a problem, so we'll just add the date
- echo \ \ \"LAST_UPDATED\": \"$(date)\"
- echo \}
|
