Cleanup
Ed Langley authored on 19/12/2019 22:48:40
Showing 5 changed files
new file mode 100644 |
... | ... |
@@ -0,0 +1,33 @@ |
1 |
+(in-package :mfa-tool.aws-utils) |
|
2 |
+ |
|
3 |
+(defclass cj-organization-role () |
|
4 |
+ ((account :initarg :account |
|
5 |
+ :reader account |
|
6 |
+ :initform (error "must pass an account")))) |
|
7 |
+ |
|
8 |
+(fw.lu:defclass+ cj-developer-role ((cj-organization-role (account))) |
|
9 |
+ ()) |
|
10 |
+ |
|
11 |
+(defgeneric arn-for (type account resource) |
|
12 |
+ (:method-combination list :most-specific-last) |
|
13 |
+ (:documentation "get the arn for an aws resource") |
|
14 |
+ (:method :around (-t account u) |
|
15 |
+ (format nil "arn:aws:iam::~a:~a" |
|
16 |
+ account |
|
17 |
+ (serapeum:string-join (call-next-method) |
|
18 |
+ "/"))) |
|
19 |
+ (:method list ((type (eql :mfa)) account user) |
|
20 |
+ "mfa") |
|
21 |
+ (:method list ((type (eql :mfa)) account (user string)) |
|
22 |
+ user) |
|
23 |
+ (:method list ((type (eql :role)) account role) |
|
24 |
+ "role") |
|
25 |
+ (:method list ((type (eql :role)) account (role cj-organization-role)) |
|
26 |
+ "cjorganization") |
|
27 |
+ (:method list ((type (eql :role)) account (role cj-developer-role)) |
|
28 |
+ "CJDeveloperAccessRole") |
|
29 |
+ (:method list ((type (eql :role)) account (role string)) |
|
30 |
+ role)) |
|
31 |
+ |
|
32 |
+(defun cj-organization-role-arn (role) |
|
33 |
+ (arn-for :role (account role) role)) |
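Review bot: The `:around` method of `arn-for` formats `account` and the joined path segments into the ARN with `~a` and checks neither, so a string `role` or `user` containing `/` or `:`, or an account id held as an integer whose leading zero is lost, yields an ARN for a different or malformed resource. Since the result is presumably passed on to an assume-role or MFA call, I would validate before formatting, e.g. `(check-type account (or string (integer 0 999999999999)))`, and print integer ids with `~12,'0d` so they stay twelve digits. The `-t` and `u` parameters of that method are unused and would read more clearly with `(declare (ignore -t u))`. The docstring should also say that the path is every applicable method's value joined by `/`, least specific first, which (assuming `defclass+` makes `cj-developer-role` a subclass of `cj-organization-role`) is why that class resolves to `role/cjorganization/CJDeveloperAccessRole`.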
... | ... |
@@ -6,37 +6,6 @@ |
6 | 6 |
|
7 | 7 |
(defparameter *user_management_account_id* 597974043991) |
8 | 8 |
|
9 |
-(defclass cj-organization-role () |
|
10 |
- ((account :initarg :account |
|
11 |
- :reader account |
|
12 |
- :initform (error "must pass an account")))) |
|
13 |
-(fw.lu:defclass+ cj-developer-role ((cj-organization-role (account))) |
|
14 |
- ()) |
|
15 |
- |
|
16 |
-(defgeneric arn-for (type account resource) |
|
17 |
- (:method-combination list :most-specific-last) |
|
18 |
- (:documentation "get the arn for an aws resource") |
|
19 |
- (:method :around (-t account u) |
|
20 |
- (format nil "arn:aws:iam::~a:~a" |
|
21 |
- account |
|
22 |
- (serapeum:string-join (call-next-method) |
|
23 |
- "/"))) |
|
24 |
- (:method list ((type (eql :mfa)) account user) |
|
25 |
- "mfa") |
|
26 |
- (:method list ((type (eql :mfa)) account (user string)) |
|
27 |
- user) |
|
28 |
- (:method list ((type (eql :role)) account role) |
|
29 |
- "role") |
|
30 |
- (:method list ((type (eql :role)) account (role cj-organization-role)) |
|
31 |
- "cjorganization") |
|
32 |
- (:method list ((type (eql :role)) account (role cj-developer-role)) |
|
33 |
- "CJDeveloperAccessRole") |
|
34 |
- (:method list ((type (eql :role)) account (role string)) |
|
35 |
- role)) |
|
36 |
- |
|
37 |
-(defun cj-organization-role-arn (role) |
|
38 |
- (arn-for :role (account role) role)) |
|
39 |
- |
|
40 | 9 |
(defun read-new-mfa-token () |
41 | 10 |
(format *query-io* "~&New MFA token: ") |
42 | 11 |
(finish-output *query-io*) |
... | ... |
@@ -114,8 +114,9 @@ |
114 | 114 |
(let ((accounts (gethash "Accounts" accounts)) |
115 | 115 |
(result ())) |
116 | 116 |
(mapc (lambda (account) |
117 |
- (push (cons (format nil "~a (~a)" |
|
117 |
+ (push (cons (format nil "~a: ~a (~a)" |
|
118 | 118 |
(gethash "Name" account) |
119 |
+ (gethash "Id" account) |
|
119 | 120 |
(gethash "Type" account)) |
120 | 121 |
(gethash "Id" account)) |
121 | 122 |
result)) |
... | ... |
@@ -1,3 +1,14 @@ |
1 |
+(defpackage :mfa-tool.aws-utils |
|
2 |
+ (:use :cl) |
|
3 |
+ (:export #:cj-organization-role |
|
4 |
+ #:cj-developer-role |
|
5 |
+ #:arn-for |
|
6 |
+ #:cj-organization-role-arn)) |
|
7 |
+ |
|
1 | 8 |
(defpackage :mfa-tool |
2 | 9 |
(:use :cl) |
10 |
+ (:import-from :mfa-tool.aws-utils |
|
11 |
+ #:cj-organization-role-arn |
|
12 |
+ #:cj-developer-role |
|
13 |
+ #:arn-for) |
|
3 | 14 |
(:export :main)) |
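Review bot: `mfa-tool.aws-utils` exports the two classes, `arn-for` and `cj-organization-role-arn`, but not the `account` reader that `cj-organization-role` defines, and `mfa-tool` imports `cj-developer-role` without `cj-organization-role`. If any code left in `mfa-tool` calls `(account role)` or names the base class, it will now resolve to a fresh `mfa-tool::account` or `mfa-tool::cj-organization-role` symbol and fail only when that code runs; the callers are not visible in this section, so this needs checking. If the reader is meant to be public, add `#:account` to the `:export` list and to the `:import-from` clause.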