Class: Dev::Aws::Account
- Defined in:
- lib/firespring_dev_commands/aws/account.rb,
lib/firespring_dev_commands/aws/account/info.rb
Overview
Class containing useful methods for interacting with the Aws account
Defined Under Namespace
Constant Summary collapse
- CONFIG_FILE =
The name of the file containing the Aws settings
"#{Dev::Aws::CONFIG_DIR}/config".freeze
Instance Attribute Summary collapse
-
#children ⇒ Object
Returns the value of attribute children.
-
#default ⇒ Object
Returns the value of attribute default.
-
#ecr_registry_ids ⇒ Object
Returns the value of attribute ecr_registry_ids.
-
#root ⇒ Object
Returns the value of attribute root.
Class Method Summary collapse
-
.config {|@config| ... } ⇒ Object
(also: configure)
Instantiates a new top level config object if one hasn’t already been created Yields that config object to any given block Returns the resulting config object.
-
.config_ini ⇒ Object
Returns the config ini file associated with this object.
Instance Method Summary collapse
-
#all ⇒ Object
Returns all configured account information objects.
-
#all_accounts ⇒ Object
Returns the id portion of all configured account information objects.
-
#all_names ⇒ Object
Returns the name portion of all configured account information objects.
-
#base_setup! ⇒ Object
Setup base Aws settings.
-
#initialize ⇒ Account
constructor
Instantiate an account object Requires that root account and at least one child account have been configured All accounts must be of type Dev::Aws::Account::Info If a registry is configured then the user will be logged in to ECR when they log in to the account.
-
#name_by_account(account) ⇒ Object
Look up the account name for the given account id.
-
#select ⇒ Object
Menu to select one of the Aws child accounts.
-
#select_default ⇒ Object
Method of determining what the appropriate default account is for the select menu Filters out the account you are currently logged in to if it’s no longer an option on the project you are currently trying to login on.
-
#setup!(account) ⇒ Object
Setup Aws account specific settings.
-
#write!(account) ⇒ Object
Write Aws account specific settings to the config file.
Constructor Details
#initialize ⇒ Account
Instantiate an account object Requires that root account and at least one child account have been configured All accounts must be of type Dev::Aws::Account::Info If a registry is configured then the user will be logged in to ECR when they log in to the account
36 37 38 39 40 41 42 43 44 45 46 47 48 |
# File 'lib/firespring_dev_commands/aws/account.rb', line 36 def initialize raise 'Root account must be configured' unless self.class.config.root.is_a?(Dev::Aws::Account::Info) raise 'Child accounts must be configured' if self.class.config.children.empty? || !self.class.config.children.all?(Dev::Aws::Account::Info) @root = self.class.config.root @children = self.class.config.children @default = self.class.config.default # Create the ecr registry list based off several possible configuration values @ecr_registry_ids = Array(self.class.config.ecr_registry_ids) @ecr_registry_ids << Dev::Aws::Profile.new.current if self.class.config.login_to_account_ecr_registry @ecr_registry_ids = @ecr_registry_ids.flatten.compact.reject(&:empty?).uniq end |
Instance Attribute Details
#children ⇒ Object
Returns the value of attribute children.
30 31 32 |
# File 'lib/firespring_dev_commands/aws/account.rb', line 30 def children @children end |
#default ⇒ Object
Returns the value of attribute default.
30 31 32 |
# File 'lib/firespring_dev_commands/aws/account.rb', line 30 def default @default end |
#ecr_registry_ids ⇒ Object
Returns the value of attribute ecr_registry_ids.
30 31 32 |
# File 'lib/firespring_dev_commands/aws/account.rb', line 30 def ecr_registry_ids @ecr_registry_ids end |
Class Method Details
.config {|@config| ... } ⇒ Object Also known as: configure
Instantiates a new top level config object if one hasn’t already been created Yields that config object to any given block Returns the resulting config object
11 12 13 14 15 |
# File 'lib/firespring_dev_commands/aws/account.rb', line 11 def self.config @config ||= Config.new(default_login_role_name: Dev::Aws::DEFAULT_LOGIN_ROLE_NAME) yield(@config) if block_given? @config end |
.config_ini ⇒ Object
Returns the config ini file associated with this object
26 27 28 |
# File 'lib/firespring_dev_commands/aws/account.rb', line 26 def self.config_ini IniFile.new(filename: CONFIG_FILE, default: 'default') end |
Instance Method Details
#all ⇒ Object
Returns all configured account information objects
51 52 53 |
# File 'lib/firespring_dev_commands/aws/account.rb', line 51 def all @all ||= ([root] + children).sort_by(&:name) end |
#all_accounts ⇒ Object
Returns the id portion of all configured account information objects
61 62 63 |
# File 'lib/firespring_dev_commands/aws/account.rb', line 61 def all_accounts @all_accounts ||= all.map(&:id) end |
#all_names ⇒ Object
Returns the name portion of all configured account information objects
56 57 58 |
# File 'lib/firespring_dev_commands/aws/account.rb', line 56 def all_names @all_names ||= all.map(&:name) end |
#base_setup! ⇒ Object
Setup base Aws settings
71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 |
# File 'lib/firespring_dev_commands/aws/account.rb', line 71 def base_setup! # Make the base config directory FileUtils.mkdir_p(Dev::Aws::CONFIG_DIR) puts puts 'Configuring default login values' # Write region and mfa serial to config file cfgini = self.class.config_ini defaultini = cfgini['default'] region_default = defaultini['region'] || ENV['AWS_DEFAULT_REGION'] || Dev::Aws::DEFAULT_REGION defaultini['region'] = Dev::Common.new.ask('Default region name', region_default) # NOTE: We had an old config for "mfa_serial" which included the entire arn. We deprecated that config since # it made it much more difficult to switch between different root accounts. mfa_name_default = defaultini['mfa_serial']&.split(%r{mfa/})&.last || ENV['AWS_MFA_ARN']&.split(%r{mfa/})&.last || ENV.fetch('USERNAME', nil) defaultini['mfa_serial_name'] = Dev::Common.new.ask('Default mfa name', mfa_name_default) # TODO: mfa_serial is deprecated. Eventually, we should delete the mfa_serial entry from the config. Leaving it for now # because some projects may be using older versions of the dev_commands library # defaultini.delete('mfa_serial') session_name_default = defaultini['role_session_name'] || "#{ENV.fetch('USERNAME', 'no_username_found')}_cli" defaultini['role_session_name'] = Dev::Common.new.ask('Default session name', session_name_default) duration_default = defaultini['session_duration'] || 36_000 defaultini['session_duration'] = Dev::Common.new.ask('Default session duration in seconds', duration_default) cfgini.write end |
#name_by_account(account) ⇒ Object
Look up the account name for the given account id
66 67 68 |
# File 'lib/firespring_dev_commands/aws/account.rb', line 66 def name_by_account(account) all.find { |it| it.id == account }&.name end |
#select ⇒ Object
Menu to select one of the Aws child accounts
148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 |
# File 'lib/firespring_dev_commands/aws/account.rb', line 148 def select # If there is only one child account, use that return children.first.id if children.length == 1 # Output a list for the user to select from puts 'Account Selection:' children.each_with_index do |account, i| printf " %2s) %-20s %s\n", i + 1, account.name, account.id end selection = Dev::Common.new.ask('Enter the number of the account you wish to log in to', select_default) number = selection.to_i raise "Invalid selection: #{selection}" if number < 1 # If the selection is 3 characters or more, assume they entered the full account number if selection.length > 3 raise "Invalid selection: #{selection}" unless all_accounts.include?(selection) return selection end # Otherwise they probably entered the number of the account to use # Use the number as the index for lookup in accounts array and then get the value of that number raise "Invalid selection: #{selection}" unless children.length >= number children[number - 1].id end |
#select_default ⇒ Object
Method of determining what the appropriate default account is for the select menu Filters out the account you are currently logged in to if it’s no longer an option on the project you are currently trying to login on
178 179 180 181 182 183 184 185 186 187 188 |
# File 'lib/firespring_dev_commands/aws/account.rb', line 178 def select_default # If we are currently logged in to one of the configured accounts, use it as the default account_id = Dev::Env.new(Dev::Aws::Profile::CONFIG_FILE).get(Dev::Aws::Profile::IDENTIFIER) return account_id if all_accounts.include?(account_id) # Otherwise, if a default is configured, use that return default if default # Otherwise, just return the first account children.first.id end |
#setup!(account) ⇒ Object
Setup Aws account specific settings
103 104 105 106 107 108 109 110 111 112 |
# File 'lib/firespring_dev_commands/aws/account.rb', line 103 def setup!(account) # Run base setup if it doesn't exist Rake::Task['aws:configure:default'].invoke unless File.exist?(CONFIG_FILE) && self.class.config_ini.has_section?('default') puts puts "Configuring #{account} login values" write!(account) puts end |
#write!(account) ⇒ Object
Write Aws account specific settings to the config file
115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 |
# File 'lib/firespring_dev_commands/aws/account.rb', line 115 def write!(account) raise 'Configure default account settings first (rake aws:configure:default)' unless File.exist?(CONFIG_FILE) # Parse the ini file and load values cfgini = self.class.config_ini defaultini = cfgini['default'] profileini = cfgini["profile #{account}"] profileini['source_profile'] = account region_default = profileini['region'] || defaultini['region'] || ENV['AWS_DEFAULT_REGION'] || Dev::Aws::DEFAULT_REGION profileini['region'] = Dev::Common.new.ask('Default region name', region_default) # NOTE: Turns out the role_arn is needed by the aws cli so we are changing directions here. Eventually we should remove the role_name # from the ini files and only store the role arn. However we need to still keep the functinoality so that the user is only asked # for the role name - not the entire arn role_name_default = if profileini['role_name'] profileini['role_name'] elsif profileini['role_arn'] profileini['role_arn']&.split(%r{role/})&.last else self.class.config.default_login_role_name end role_name = Dev::Common.new.ask('Default role name', role_name_default) profileini['role_arn'] = "arn:aws:iam::#{account}:role/#{role_name}" # TODO: role_name is deprecated. Eventually, we should delete the role_name entry from the config. Leaving it for now # because some projects may be using older versions of the dev_commands library # profileini.delete('role_name') cfgini.write end |