Class: Dev::Aws::Account

Inherits:

Object

• Object
• Dev::Aws::Account

Defined in:

lib/firespring_dev_commands/aws/account.rb,
lib/firespring_dev_commands/aws/account/info.rb

Overview

Class containing useful methods for interacting with the Aws account

Defined Under Namespace

Classes: Config, Info

Constant Summary

CONFIG_FILE =

The name of the file containing the Aws settings

"#{Dev::Aws::CONFIG_DIR}/config".freeze

Instance Attribute Summary

• #children ⇒ Object

  Returns the value of attribute children.

• #default ⇒ Object

  Returns the value of attribute default.

• #ecr_registry_ids ⇒ Object

  Returns the value of attribute ecr_registry_ids.

• #root ⇒ Object

  Returns the value of attribute root.

Class Method Summary

• .config {|@config| ... } ⇒ Object (also: configure)

  Instantiates a new top level config object if one hasn’t already been created Yields that config object to any given block Returns the resulting config object.

• .config_ini ⇒ Object

  Returns the config ini file associated with this object.

Instance Method Summary

• #all ⇒ Object

  Returns all configured account information objects.

• #all_accounts ⇒ Object

  Returns the id portion of all configured account information objects.

• #all_names ⇒ Object

  Returns the name portion of all configured account information objects.

• #base_setup! ⇒ Object

  Setup base Aws settings.

• #initialize ⇒ Account constructor

  Instantiate an account object Requires that root account and at least one child account have been configured All accounts must be of type Dev::Aws::Account::Info If a registry is configured then the user will be logged in to ECR when they log in to the account.

• #name_by_account(account) ⇒ Object

  Look up the account name for the given account id.

• #select ⇒ Object

  Menu to select one of the Aws child accounts.

• #select_default ⇒ Object

  Method of determining what the appropriate default account is for the select menu Filters out the account you are currently logged in to if it’s no longer an option on the project you are currently trying to login on.

• #setup!(account) ⇒ Object

  Setup Aws account specific settings.

• #write!(account) ⇒ Object

  Write Aws account specific settings to the config file.

Constructor Details

#initialize ⇒ Account

Instantiate an account object Requires that root account and at least one child account have been configured All accounts must be of type Dev::Aws::Account::Info If a registry is configured then the user will be logged in to ECR when they log in to the account

# File 'lib/firespring_dev_commands/aws/account.rb', line 36

def initialize
  raise 'Root account must be configured' unless self.class.config.root.is_a?(Dev::Aws::Account::Info)
  raise 'Child accounts must be configured' if self.class.config.children.empty? || !self.class.config.children.all?(Dev::Aws::Account::Info)

  @root = self.class.config.root
  @children = self.class.config.children
  @default = self.class.config.default

  # Create the ecr registry list based off several possible configuration values
  @ecr_registry_ids = Array(self.class.config.ecr_registry_ids)
  @ecr_registry_ids << Dev::Aws::Profile.new.current if self.class.config.login_to_account_ecr_registry
  @ecr_registry_ids = @ecr_registry_ids.flatten.compact.reject(&:empty?).uniq
end

Instance Attribute Details

#children ⇒ Object

Returns the value of attribute children.

# File 'lib/firespring_dev_commands/aws/account.rb', line 30

def children
  @children
end

#default ⇒ Object

Returns the value of attribute default.

# File 'lib/firespring_dev_commands/aws/account.rb', line 30

def default
  @default
end

#ecr_registry_ids ⇒ Object

Returns the value of attribute ecr_registry_ids.

# File 'lib/firespring_dev_commands/aws/account.rb', line 30

def ecr_registry_ids
  @ecr_registry_ids
end

#root ⇒ Object

Returns the value of attribute root.

# File 'lib/firespring_dev_commands/aws/account.rb', line 30

def root
  @root
end

Class Method Details

.config {|@config| ... } ⇒ Object Also known as: configure

Instantiates a new top level config object if one hasn’t already been created Yields that config object to any given block Returns the resulting config object

Yields:

• (@config)

# File 'lib/firespring_dev_commands/aws/account.rb', line 11

def self.config
  @config ||= Config.new(default_login_role_name: Dev::Aws::DEFAULT_LOGIN_ROLE_NAME)
  yield(@config) if block_given?
  @config
end

.config_ini ⇒ Object

Returns the config ini file associated with this object

# File 'lib/firespring_dev_commands/aws/account.rb', line 26

def self.config_ini
  IniFile.new(filename: CONFIG_FILE, default: 'default')
end

Instance Method Details

#all ⇒ Object

Returns all configured account information objects

# File 'lib/firespring_dev_commands/aws/account.rb', line 51

def all
  @all ||= ([root] + children).sort_by(&:name)
end

#all_accounts ⇒ Object

Returns the id portion of all configured account information objects

# File 'lib/firespring_dev_commands/aws/account.rb', line 61

def all_accounts
  @all_accounts ||= all.map(&:id)
end

#all_names ⇒ Object

Returns the name portion of all configured account information objects

# File 'lib/firespring_dev_commands/aws/account.rb', line 56

def all_names
  @all_names ||= all.map(&:name)
end

#base_setup! ⇒ Object

Setup base Aws settings

# File 'lib/firespring_dev_commands/aws/account.rb', line 71

def base_setup!
  # Make the base config directory
  FileUtils.mkdir_p(Dev::Aws::CONFIG_DIR)

  puts
  puts 'Configuring default login values'

  # Write region and mfa serial to config file
  cfgini = self.class.config_ini
  defaultini = cfgini['default']

  region_default = defaultini['region'] || ENV['AWS_DEFAULT_REGION'] || Dev::Aws::DEFAULT_REGION
  defaultini['region'] = Dev::Common.new.ask('Default region name', region_default)

  # NOTE: We had an old config for "mfa_serial" which included the entire arn. We deprecated that config since
  #       it made it much more difficult to switch between different root accounts.
  mfa_name_default = defaultini['mfa_serial']&.split(%r{mfa/})&.last || ENV['AWS_MFA_ARN']&.split(%r{mfa/})&.last || ENV.fetch('USERNAME', nil)
  defaultini['mfa_serial_name'] = Dev::Common.new.ask('Default mfa name', mfa_name_default)
  # TODO: mfa_serial is deprecated. Eventually, we should delete the mfa_serial entry from the config. Leaving it for now
  #       because some projects may be using older versions of the dev_commands library
  # defaultini.delete('mfa_serial')

  session_name_default = defaultini['role_session_name'] || "#{ENV.fetch('USERNAME', 'no_username_found')}_cli"
  defaultini['role_session_name'] = Dev::Common.new.ask('Default session name', session_name_default)

  duration_default = defaultini['session_duration'] || 36_000
  defaultini['session_duration'] = Dev::Common.new.ask('Default session duration in seconds', duration_default)

  cfgini.write
end

#name_by_account(account) ⇒ Object

Look up the account name for the given account id

# File 'lib/firespring_dev_commands/aws/account.rb', line 66

def name_by_account(account)
  all.find { |it| it.id == account }&.name
end

#select ⇒ Object

Menu to select one of the Aws child accounts

# File 'lib/firespring_dev_commands/aws/account.rb', line 148

def select
  # If there is only one child account, use that
  return children.first.id if children.length == 1

  # Output a list for the user to select from
  puts 'Account Selection:'
  children.each_with_index do |account, i|
    printf "  %2s) %-20s    %s\n", i + 1, account.name, account.id
  end
  selection = Dev::Common.new.ask('Enter the number of the account you wish to log in to', select_default)
  number = selection.to_i
  raise "Invalid selection: #{selection}" if number < 1

  # If the selection is 3 characters or more, assume they entered the full account number
  if selection.length > 3
    raise "Invalid selection: #{selection}" unless all_accounts.include?(selection)

    return selection
  end

  # Otherwise they probably entered the number of the account to use
  # Use the number as the index for lookup in accounts array and then get the value of that number
  raise "Invalid selection: #{selection}" unless children.length >= number

  children[number - 1].id
end

#select_default ⇒ Object

Method of determining what the appropriate default account is for the select menu Filters out the account you are currently logged in to if it’s no longer an option on the project you are currently trying to login on

# File 'lib/firespring_dev_commands/aws/account.rb', line 178

def select_default
  # If we are currently logged in to one of the configured accounts, use it as the default
  account_id = Dev::Env.new(Dev::Aws::Profile::CONFIG_FILE).get(Dev::Aws::Profile::IDENTIFIER)
  return account_id if all_accounts.include?(account_id)

  # Otherwise, if a default is configured, use that
  return default if default

  # Otherwise, just return the first account
  children.first.id
end

#setup!(account) ⇒ Object

Setup Aws account specific settings

# File 'lib/firespring_dev_commands/aws/account.rb', line 103

def setup!(account)
  # Run base setup if it doesn't exist
  Rake::Task['aws:configure:default'].invoke unless File.exist?(CONFIG_FILE) && self.class.config_ini.has_section?('default')

  puts
  puts "Configuring #{account} login values"

  write!(account)
  puts
end

#write!(account) ⇒ Object

Write Aws account specific settings to the config file

# File 'lib/firespring_dev_commands/aws/account.rb', line 115

def write!(account)
  raise 'Configure default account settings first (rake aws:configure:default)' unless File.exist?(CONFIG_FILE)

  # Parse the ini file and load values
  cfgini = self.class.config_ini
  defaultini = cfgini['default']
  profileini = cfgini["profile #{account}"]

  profileini['source_profile'] = account

  region_default = profileini['region'] || defaultini['region'] || ENV['AWS_DEFAULT_REGION'] || Dev::Aws::DEFAULT_REGION
  profileini['region'] = Dev::Common.new.ask('Default region name', region_default)

  # NOTE: Turns out the role_arn is needed by the aws cli so we are changing directions here. Eventually we should remove the role_name
  #       from the ini files and only store the role arn. However we need to still keep the functinoality so that the user is only asked
  #       for the role name - not the entire arn
  role_name_default = if profileini['role_name']
                        profileini['role_name']
                      elsif profileini['role_arn']
                        profileini['role_arn']&.split(%r{role/})&.last
                      else
                        self.class.config.default_login_role_name
                      end
  role_name = Dev::Common.new.ask('Default role name', role_name_default)
  profileini['role_arn'] = "arn:aws:iam::#{account}:role/#{role_name}"
  # TODO: role_name is deprecated. Eventually, we should delete the role_name entry from the config. Leaving it for now
  #       because some projects may be using older versions of the dev_commands library
  # profileini.delete('role_name')

  cfgini.write
end