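#!/bin/bash
#
# Prepares a workstation to open AWS SSM sessions for the "bb" project:
#   1. clones the infrastructure repository if it is not present,
#   2. authenticates through `leverage aws sso configure`,
#   3. runs `leverage terraform init` in the tools-vpn-server layer,
#   4. points the AWS CLI at the project credentials/config files,
#   5. hands ownership of those files back to the invoking user,
#   6. optionally validates the identity with STS.
#
#### Pre-requisites
## NOTE: You need to install the SSM plugin for the AWS CLI
## https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-working-with-install-plugin.html

# Print a message on stderr and stop with a non-zero status.
abort() {
  printf '%s\n' "$*" >&2
  exit 1
}

#### Variables initialization
PROJECT_SHORT="bb"
FOLDER="le-tf-infra-aws"
COMMON_CONFIG_FILE="$FOLDER/config/common.tfvars"
# NOTE(review): the user@host part of this URL was masked by the hosting
# page's e-mail obfuscation; presumably the GitHub SSH address
# (git@github.com) -- confirm and restore it before running.
REPO_URL="[email protected]:binbashar/$FOLDER.git"
# "$HOME" rather than "~": a tilde inside double quotes is not expanded, so
# the AWS CLI would otherwise be pointed at a literal "~" directory and fall
# back to whatever other credentials it can find.
AWS_CREDS_DIR="$HOME/.aws/$PROJECT_SHORT"
AWS_PROFILE="$PROJECT_SHORT-shared-devops"
SKIP_VALIDATION="yes"

##### Change directory to a layer & authenticate via SSO
echo "Authenticating..."
if [ ! -d "$FOLDER" ]; then
  git clone "$REPO_URL" "$FOLDER" || abort "Cloning $FOLDER failed, aborting."
fi
if [ ! -f "$COMMON_CONFIG_FILE" ]; then
  mv -- "$FOLDER/config/common.tfvars.example" "$COMMON_CONFIG_FILE" \
    || abort "Creating $COMMON_CONFIG_FILE failed, aborting."
fi
# Stop here if the layer is missing: the leverage commands below must not run
# from an unexpected working directory.
cd "$FOLDER/shared/us-east-1/tools-vpn-server" \
  || abort "Layer directory not found, aborting."
leverage aws sso configure || abort "Authentication failed, aborting."
echo "Done."

##### Run init
echo "Writing credentials file..."
leverage terraform init || abort "Writing credentials failed, aborting."
echo "Done."

##### Export your AWS creds ENV vars
# These exports only affect this process and its children. When the script is
# executed (not sourced) the caller has to repeat them; see the instructions
# printed at the end.
echo "Exporting AWS credentials ENV vars..."
export AWS_SHARED_CREDENTIALS_FILE="$AWS_CREDS_DIR/credentials"
export AWS_CONFIG_FILE="$AWS_CREDS_DIR/config"
echo "Done exporting credentials."

##### Change AWS config file permissions: Get userID and groupID
# Ownership goes to the user running this script (`id -un`), not to the first
# row of `who`: on a shared host that row can belong to somebody else, which
# would hand the credential files to the wrong account.
# NOTE(review): this changes ownership only; confirm the file modes keep the
# credentials unreadable for group and others.
echo "Changing file permissions..."
sudo chown -- "$(id -un):$(id -gn)" "$AWS_CREDS_DIR"/* \
  || abort "Changing file permissions failed, aborting."
echo "Done changing file permissions."

##### Validate
### "yes" to skip credentials validation
# The failure check lives inside the branch: checked after `fi`, `$?` reflects
# the `if` statement itself and reads 0 whenever validation is skipped.
if [ "$SKIP_VALIDATION" = "no" ]; then
  echo "Validating identity..."
  aws sts get-caller-identity --profile "$AWS_PROFILE" \
    || abort "Validating identity failed, aborting."
  echo "Done validating."
else
  echo "Skipping identity validation."
fi

echo ""
echo "Please export AWS credentials ENV vars"
# Print the resolved paths: AWS_CREDS_DIR does not exist in the caller's
# shell, so a pasted line that still contains the variable name would expand
# to "/credentials" and "/config".
printf 'export AWS_SHARED_CREDENTIALS_FILE="%s"\n' "$AWS_SHARED_CREDENTIALS_FILE"
printf 'export AWS_CONFIG_FILE="%s"\n' "$AWS_CONFIG_FILE"
echo "========================================================================================================="
echo "You are ready to use SSM: aws ssm start-session --target INSTANCE ID --profile PROFILE --region us-east-1"
echo "eg: aws ssm start-session --target i-019f33xxxxxxxxxxx --profile $AWS_PROFILE --region us-east-1"
echo "========================================================================================================="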