oneaws 0.4.0 → 0.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +14 -0
- data/lib/oneaws/client.rb +33 -19
- data/lib/oneaws/version.rb +1 -1
- data/oneaws.gemspec +3 -1
- metadata +35 -7
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 5f54d58039f558feb418d69d9252d073333ac9a0fc6278f14d2e2589110908f2
|
|
4
|
+
data.tar.gz: 8185852f34183388ee1038aceade221dac8308cf0253d6ef37a8b4e911728a79
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 44c212bffa35b64a4150a008b4755a08b3a817ccb91de8a9e8a41dcb93e9fe07187b2c0eeec961adb39e2a4b11a6a2d6a81b10ac94884871b86eb32302edb9a9
|
|
7
|
+
data.tar.gz: b46a0acaf73c53fb6bfec0dcf5e778bde1a58332233b6b476e2cfc53f232f6f2b9b70a5dab0b8341e9856e8f9b93f6259c105ce8f1c84db21f881ee1e3bac75d
|
data/README.md
CHANGED
|
@@ -37,3 +37,17 @@ oneaws
|
|
|
37
37
|
```
|
|
38
38
|
|
|
39
39
|
`-u` オプションをつけていると `~/.aws/credentials` に追記されます(default: true)。
|
|
40
|
+
|
|
41
|
+
### ONEAWS_MFA_DEVICE
|
|
42
|
+
|
|
43
|
+
MFA デバイスを複数登録している場合、以下のようにデバイスの選択を求められます。
|
|
44
|
+
|
|
45
|
+
```
|
|
46
|
+
Available MFA devices:
|
|
47
|
+
1. OneLogin Protect (ID: ***)
|
|
48
|
+
2. OneLogin Auth (ID: ***)
|
|
49
|
+
|
|
50
|
+
Select MFA device (1-2):
|
|
51
|
+
```
|
|
52
|
+
|
|
53
|
+
デバイスの選択が面倒な場合は、環境変数 `ONEAWS_MFA_DEVICE` を指定することで、指定した番号のデバイスを自動で選択できます。上記を例にすると、`1. OneLogin Protect` を選ぶ場合は `ONEAWS_MFA_DEVICE=1` と指定します。
|
data/lib/oneaws/client.rb
CHANGED
|
@@ -15,7 +15,7 @@ module Oneaws
|
|
|
15
15
|
})
|
|
16
16
|
|
|
17
17
|
@aws = Aws::STS::Client.new(
|
|
18
|
-
credentials:
|
|
18
|
+
credentials: nil,
|
|
19
19
|
region: ENV['AWS_REGION'] || 'ap-northeast-1',
|
|
20
20
|
)
|
|
21
21
|
end
|
|
@@ -31,25 +31,8 @@ module Oneaws
|
|
|
31
31
|
end
|
|
32
32
|
|
|
33
33
|
mfa = response.mfa
|
|
34
|
+
mfa_device = select_mfa_device(mfa)
|
|
34
35
|
|
|
35
|
-
if mfa.devices.length == 1
|
|
36
|
-
mfa_device = mfa.devices.first
|
|
37
|
-
else
|
|
38
|
-
puts "\nAvailable MFA devices:"
|
|
39
|
-
mfa.devices.each_with_index do |device, index|
|
|
40
|
-
puts "#{index + 1}. #{device.type} (ID: #{device.id})"
|
|
41
|
-
end
|
|
42
|
-
|
|
43
|
-
print "\nSelect MFA device (1-#{mfa.devices.length}): "
|
|
44
|
-
selection = STDIN.gets.chomp.to_i
|
|
45
|
-
|
|
46
|
-
if selection < 1 || selection > mfa.devices.length
|
|
47
|
-
raise MfaDeviceNotFoundError.new("Invalid device selection.")
|
|
48
|
-
end
|
|
49
|
-
|
|
50
|
-
mfa_device = mfa.devices[selection - 1]
|
|
51
|
-
end
|
|
52
|
-
|
|
53
36
|
device_types_that_do_not_require_token = [
|
|
54
37
|
"OneLogin Protect"
|
|
55
38
|
]
|
|
@@ -83,5 +66,36 @@ module Oneaws
|
|
|
83
66
|
}
|
|
84
67
|
@aws.assume_role_with_saml(params)[:credentials]
|
|
85
68
|
end
|
|
69
|
+
|
|
70
|
+
private
|
|
71
|
+
|
|
72
|
+
def select_mfa_device(mfa)
|
|
73
|
+
if mfa.devices.length == 1
|
|
74
|
+
return mfa.devices.first
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
if selection = ENV["ONEAWS_MFA_DEVICE"] &.to_i
|
|
78
|
+
if selection <= 0
|
|
79
|
+
warn "ONEAWS_MFA_DEVICE must be >= 1"
|
|
80
|
+
exit 1
|
|
81
|
+
end
|
|
82
|
+
|
|
83
|
+
return mfa.devices[selection - 1]
|
|
84
|
+
end
|
|
85
|
+
|
|
86
|
+
puts "\nAvailable MFA devices:"
|
|
87
|
+
mfa.devices.each_with_index do |device, index|
|
|
88
|
+
puts "#{index + 1}. #{device.type} (ID: #{device.id})"
|
|
89
|
+
end
|
|
90
|
+
|
|
91
|
+
print "\nSelect MFA device (1-#{mfa.devices.length}): "
|
|
92
|
+
selection = STDIN.gets.chomp.to_i
|
|
93
|
+
|
|
94
|
+
if selection < 1 || selection > mfa.devices.length
|
|
95
|
+
raise MfaDeviceNotFoundError.new("Invalid device selection.")
|
|
96
|
+
end
|
|
97
|
+
|
|
98
|
+
mfa.devices[selection - 1]
|
|
99
|
+
end
|
|
86
100
|
end
|
|
87
101
|
end
|
data/lib/oneaws/version.rb
CHANGED
data/oneaws.gemspec
CHANGED
|
@@ -24,8 +24,10 @@ Gem::Specification.new do |spec|
|
|
|
24
24
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
|
25
25
|
spec.require_paths = ['lib']
|
|
26
26
|
|
|
27
|
-
spec.add_dependency 'aws-sdk-core'
|
|
27
|
+
spec.add_dependency 'aws-sdk-core'
|
|
28
28
|
spec.add_dependency 'inifile'
|
|
29
29
|
spec.add_dependency 'onelogin', '~> 1.6'
|
|
30
30
|
spec.add_dependency 'thor'
|
|
31
|
+
spec.add_dependency 'base64'
|
|
32
|
+
spec.add_dependency 'logger'
|
|
31
33
|
end
|
metadata
CHANGED
|
@@ -1,29 +1,29 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: oneaws
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.5.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Yuki Koya
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2025-02-20 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-core
|
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
|
16
16
|
requirements:
|
|
17
|
-
- - "
|
|
17
|
+
- - ">="
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version:
|
|
19
|
+
version: '0'
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
|
-
- - "
|
|
24
|
+
- - ">="
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version:
|
|
26
|
+
version: '0'
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: inifile
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -66,6 +66,34 @@ dependencies:
|
|
|
66
66
|
- - ">="
|
|
67
67
|
- !ruby/object:Gem::Version
|
|
68
68
|
version: '0'
|
|
69
|
+
- !ruby/object:Gem::Dependency
|
|
70
|
+
name: base64
|
|
71
|
+
requirement: !ruby/object:Gem::Requirement
|
|
72
|
+
requirements:
|
|
73
|
+
- - ">="
|
|
74
|
+
- !ruby/object:Gem::Version
|
|
75
|
+
version: '0'
|
|
76
|
+
type: :runtime
|
|
77
|
+
prerelease: false
|
|
78
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
79
|
+
requirements:
|
|
80
|
+
- - ">="
|
|
81
|
+
- !ruby/object:Gem::Version
|
|
82
|
+
version: '0'
|
|
83
|
+
- !ruby/object:Gem::Dependency
|
|
84
|
+
name: logger
|
|
85
|
+
requirement: !ruby/object:Gem::Requirement
|
|
86
|
+
requirements:
|
|
87
|
+
- - ">="
|
|
88
|
+
- !ruby/object:Gem::Version
|
|
89
|
+
version: '0'
|
|
90
|
+
type: :runtime
|
|
91
|
+
prerelease: false
|
|
92
|
+
version_requirements: !ruby/object:Gem::Requirement
|
|
93
|
+
requirements:
|
|
94
|
+
- - ">="
|
|
95
|
+
- !ruby/object:Gem::Version
|
|
96
|
+
version: '0'
|
|
69
97
|
description: Issue temporary credentials using OneLogin and AWS STS.
|
|
70
98
|
email:
|
|
71
99
|
- ykky@pepabo.com
|
|
@@ -108,7 +136,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
108
136
|
- !ruby/object:Gem::Version
|
|
109
137
|
version: '0'
|
|
110
138
|
requirements: []
|
|
111
|
-
rubygems_version: 3.5.
|
|
139
|
+
rubygems_version: 3.5.22
|
|
112
140
|
signing_key:
|
|
113
141
|
specification_version: 4
|
|
114
142
|
summary: Issue temporary credentials using OneLogin and AWS STS.
|