awsmfa 0.3.1

The automation tool for Multi-Factor Authentication (MFA) process to use awscli.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116

use super::{sts::StsCredential, ConfigFileBase, Profile};

#[derive(Debug)]
pub struct Credentials {
    profiles: Vec<Profile>,
}

impl ConfigFileBase for Credentials {
    const FILENAME: &'static str = "credentials";
    const PROFILE_PATTERN: &'static str = r"\[(.+)\]";

    fn build(profiles: Vec<Profile>) -> Self {
        Self { profiles }
    }

    fn fmt_profile(profile: &Profile) -> String {
        format!("[{}]\n{}", profile.name, profile.lines.join("\n"))
    }

    fn profiles(&self) -> &[Profile] {
        &self.profiles
    }
}

impl Credentials {
    pub fn set_sts_cred(self, name: &str, cred: StsCredential) -> Self {
        let StsCredential {
            access_key_id,
            secret_access_key,
            session_token,
            ..
        } = cred;

        let profile = Profile {
            name: name.into(),
            lines: vec![
                format!("aws_access_key_id={access_key_id}"),
                format!("aws_secret_access_key={secret_access_key}"),
                format!("aws_session_token={session_token}"),
            ],
        };

        self.set(profile)
    }
}

#[cfg(test)]
mod tests {
    use super::*;
    use std::path::Path;

    #[test]
    fn it_reads_credentials() {
        let path = Path::new("mock/test_credentials");
        let credentials = Credentials::load(path);
        assert!(credentials.is_ok());

        let Credentials { profiles } = credentials.unwrap();
        assert_eq!(profiles.len(), 2);

        let profile = profiles.get(0).unwrap();
        assert_eq!(profile.name, "tanaka");
        assert_eq!(
            profile.lines,
            vec![
                "aws_access_key_id=ABCDEFGHIJKLMNOPQRST",
                "aws_secret_access_key=abcdefghijklmnopqrstuvwxyz+-#$1234567890",
            ]
        );

        let profile = profiles.get(1).unwrap();
        assert_eq!(profile.name, "suzuki");
        assert_eq!(profile.lines, vec!["xxxxxxxxxxxxxxxx", "yyyyyyyyyyyy",]);
    }

    #[test]
    fn it_writes_credentials() {
        let credentials = Credentials {
            profiles: vec![
                Profile {
                    name: "tanaka".into(),
                    lines: vec!["foobarbaz".into()],
                },
                Profile {
                    name: "takahashi".into(),
                    lines: vec!["foo".into(), "bar".into()],
                },
                Profile {
                    name: "saito".into(),
                    lines: vec![],
                },
            ],
        };

        let path = Path::new("mock/write_test_credentials");
        credentials.write(path).unwrap();

        let credentials = Credentials::load(path);
        assert!(credentials.is_ok());

        let Credentials { profiles } = credentials.unwrap();
        assert_eq!(profiles.len(), 3);

        let profile = profiles.get(0).unwrap();
        assert_eq!(profile.name, "tanaka");
        assert_eq!(profile.lines, vec!["foobarbaz"]);

        let profile = profiles.get(1).unwrap();
        assert_eq!(profile.name, "takahashi");
        assert_eq!(profile.lines, vec!["foo", "bar"]);

        let profile = profiles.get(2).unwrap();
        assert_eq!(profile.name, "saito");
        assert!(profile.lines.is_empty());
    }
}