search

aws / aws-cli

Universal Command Line Interface for Amazon Web Services
Other
15.13k stars 4.02k forks source link

Check if profile exists command #819

Open martintreurnicht opened 10 years ago

martintreurnicht commented 10 years ago

We use several different profiles for uploading our static website to different environments, each environment has it's own profile. It would be nice to have a way to check if a profile is configured and if not prompt the user to configure the profile, it could even be an extra parameter for the configure command, ex. aws configure --skip-exists

We have a deployment bash script that configures your environment, including installing awscli via pip, this would be a nice addition to that script

akleiber commented 8 years ago

you could use aws configure --profile not-existing-profile list and check for the aws return code.

brian-villanueva commented 7 years ago

One-liner for @akleiber's suggestion: [[ $(aws configure --profile not-existing-profile list) && $? -eq 0 ]] && echo "Exists" || echo "Does not exist" Obviously you could replace the echo statements with variable assignments or whatever.

ASayre commented 6 years ago

Good Morning!

We're closing this issue here on GitHub, as part of our migration to UserVoice for feature requests involving the AWS CLI.

This will let us get the most important features to you, by making it easier to search for and show support for the features you care the most about, without diluting the conversation with bug reports.

As a quick UserVoice primer (if not already familiar): after an idea is posted, people can vote on the ideas, and the product team will be responding directly to the most popular suggestions.

We’ve imported existing feature requests from GitHub - Search for this issue there!

And don't worry, this issue will still exist on GitHub for posterity's sake. As it’s a text-only import of the original post into UserVoice, we’ll still be keeping in mind the comments and discussion that already exist here on the GitHub issue.

GitHub will remain the channel for reporting bugs.

Once again, this issue can now be found by searching for the title on: https://aws.uservoice.com/forums/598381-aws-command-line-interface

-The AWS SDKs & Tools Team

jamesls commented 6 years ago

Based on community feedback, we have decided to return feature requests to GitHub issues.

alexanderkjeldaas commented 5 years ago

The command aws configure --profile not-existing-profile list is not a solution to the original issue as this will ask for MFA for profiles that need it.

abeal-hottomali commented 4 years ago

I used the following, based on the suggestion here:

##
# Confirms the user has set up the named AWS profile.
# Parameters:
#   1: The AWS profile name.
# Exits on failure.
# Example: "confirm_aws_profile foo"
##
confirm_aws_profile() {
    [[ $(aws configure --profile ${1} list | grep "could not be found") ]] && {
        echo "The profile ${1} has not been established.  You need to set this up prior to running this script.";
        exit 1;
    }
}

This obviously does not provide the nicety of prompting the user, but it halts the script and informs the user of the problem, which was the important part for my needs. Hopefully it's helpful?

markrity commented 3 years ago

I use it this way:

function aws_profile_status {
  profile_status=$( (aws configure --profile ${1} list ) 2>&1 )
  if [[ $profile_status = *'could not be found'* ]]; then echo "not found"; fi
}

(that echo "not found" , is just an example for use-case of-corse) maybe will be useful for someone :)

benkehoe commented 3 years ago

Note these will not work if AWS_PROFILE has been set due to this bug: https://github.com/aws/aws-cli/issues/5016

ivaltryek commented 2 years ago

Here's what I've done:

if [[ $(aws configure --profile $set_profile_name list >> /dev/null 2>&1) -eq 0 ]]
then
        echo "Exists"
else
        echo "Does not exists"
fi
alexjeen commented 2 years ago

For Powershell:

# This function waits until timeout if a AWS profile becomes available
function Check-Aws-Profile {
  param( [string]$Profile, [int]$Timeout )
  $Count = 0
  while (!(aws configure --profile $Profile list) 2>&1 | out-null) {
    echo "* $Profile profile is not available yet"
    Start-Sleep -Seconds 1
    $Count++;
    if ($Count -gt $Timeout) {
      echo "* $Profile did not become available within $Timeout seconds"
      Exit 1
    }
  }
  echo "$Profile profile is now available!"
}
Check-Aws-Profile -profile ss -timeout 10
chrs-myrs commented 2 years ago

This doesn't work for SSO, since it also returns an exit code of 255 and identical response if you are not signed in. It would be good to have a way to find out if the profile exists in the ~/.aws/configure file, could grep that file I guess

benkehoe commented 2 years ago

A note for users of AWS SSO:

The use case described in the original comment is

We use several different profiles for uploading our static website to different environments, each environment has it's own profile.

This is a common enough situation: you've written a script for people to use, and you know the entire set of configurations that may be used by users of the script. If you're using AWS SSO, you can embed the SSO configuration for those environments (SSO start url+region, account id, role name) into your code, while still relying on the user to have their own credentials authenticated through aws sso login. This eliminates the dependency on ~/.aws/config having any particular content. In most languages, the AWS SDK natively supports defining that configuration using the SSO credential configuration. In Python, you'll need to use aws-sso-lib.

guiminyao commented 1 year ago

This doesn't work for SSO, since it also returns an exit code of 255 and identical response if you are not signed in. It would be good to have a way to find out if the profile exists in the ~/.aws/configure file, could grep that file I guess

if aws configure list-profiles | grep -Fxq "$profile_name"; then
    echo "Exists"
else
    echo "Not exists"
fi
benkehoe commented 1 year ago

If the profiles have known contents, you can have your tools write a config file containing them and use the AWS_CONFIG_FILE variable to point at it, eliminating the need for their ~/.aws/config to have the profile in it.

An example in a shell script, with IAM Identity Center (formerly AWS SSO) configuration, but it will work with any config

# make sure no profile is set first
export -n AWS_PROFILE= AWS_DEFAULT_PROFILE=

# create a temporary config file
# use a suffix so they're easier to identify
export AWS_CONFIG_FILE=$(mktemp --suffix .aws-config)

# write the config into the file
cat > $AWS_CONFIG_FILE <<EOF
# if you're only using one profile, may as well make it the default
# and not need to pass the name in everywhere
# but you can name it and/or have multiple named profiles in the file
[profile default]
sso_start_url = https://example.awsapps.com/start
sso_region = us-east-2
sso_account_id = 123456789012
sso_role_name = Developer
region = us-west-2
EOF

# now call whatever program you're intending to run
# anything using an AWS SDK will use the config file
# because of the environment variable
aws sts get-caller-identity
aws s3 cp s3://some-bucket/some-key ./my-file

rm -f $AWS_CONFIG_FILE
export -n AWS_CONFIG_FILE=