aws-rotate 0.3.0 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +3 -0
- data/lib/aws_rotate/list.rb +8 -2
- data/lib/aws_rotate/version.rb +1 -1
- data/spec/fixtures/home/.aws/credentials +5 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c85b85f79901f2d804bf3fc34a79ab98a3a98415d2563c5fa35fa15590039bba
|
|
4
|
+
data.tar.gz: a8e5de6fc530f5dd83331c7ff107ab9bf514bd969213bd06cf5305f0f74a94d4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: aa16ea94eeb831e229abb91125d1a6e52f8dce9c579e6ff65b12c2de50dfef6c62e7055e7419b90b4e61fe0804fbce547a560fd59704eb7216fca12af868f614
|
|
7
|
+
data.tar.gz: '09cc7c85de88b5db1b8286c3b8da6a9bf96a979979a6be1840aaab89529586775e01fc8ab77b6b9843cbb12753f26c974a91e7d49a2cb6f6536b692e416fccea'
|
data/CHANGELOG.md
CHANGED
|
@@ -3,6 +3,9 @@
|
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
|
4
4
|
This project *tries* to adhere to [Semantic Versioning](http://semver.org/), even before v1.0.
|
|
5
5
|
|
|
6
|
+
## [0.4.0]
|
|
7
|
+
- dont rotate aws profiles that have mfa_serial in them. For aws-mfa-secure gem.
|
|
8
|
+
|
|
6
9
|
## [0.3.0]
|
|
7
10
|
- only rotate profiles with keys. skip profiles using assumed role.
|
|
8
11
|
|
data/lib/aws_rotate/list.rb
CHANGED
|
@@ -11,8 +11,14 @@ module AwsRotate
|
|
|
11
11
|
profiles
|
|
12
12
|
end
|
|
13
13
|
|
|
14
|
-
# Only returns profiles that have aws_access_key_id
|
|
14
|
+
# Only returns profiles that have aws_access_key_id without mfa_serial
|
|
15
15
|
def profiles
|
|
16
|
+
iam_profiles = find_profiles(/^aws_access_key_id/)
|
|
17
|
+
mfa_profiles = find_profiles(/^mfa_serial/)
|
|
18
|
+
iam_profiles - mfa_profiles
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
def find_profiles(regexp)
|
|
16
22
|
has_key, within_profile, profiles = false, false, []
|
|
17
23
|
all_profiles.each do |profile|
|
|
18
24
|
@lines.each do |line|
|
|
@@ -20,7 +26,7 @@ module AwsRotate
|
|
|
20
26
|
within_profile = false if line =~ /^\[/ # on the next profile section, reset flag
|
|
21
27
|
within_profile ||= line == "[#{profile}]" # enable checking
|
|
22
28
|
if within_profile
|
|
23
|
-
has_key = line =~
|
|
29
|
+
has_key = line =~ regexp
|
|
24
30
|
if has_key
|
|
25
31
|
profiles << profile
|
|
26
32
|
break
|
data/lib/aws_rotate/version.rb
CHANGED
|
@@ -13,3 +13,8 @@ source_profile = parent-account
|
|
|
13
13
|
[iam-account]
|
|
14
14
|
aws_access_key_id=BBBEXAMPLEAABBCCDDEE
|
|
15
15
|
aws_secret_access_key=BBBEXAMPLEAABBCCDDEEFFGGHHIIJJKKLLMMNNOO
|
|
16
|
+
|
|
17
|
+
[iam-account-mfa]
|
|
18
|
+
aws_access_key_id=TESTEXAMPLEAABBCCDDE
|
|
19
|
+
aws_secret_access_key=TESTEXAMPLEAABBCCDDEEFFGGHHIIJJKKLLMMNNO
|
|
20
|
+
mfa_serial = arn:aws:iam::112233445566:mfa/MFAUser
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws-rotate
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.4.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tung Nguyen
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2019-
|
|
11
|
+
date: 2019-11-09 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: activesupport
|