Open shwethaumashanker opened 9 months ago
The request would be for possibly supporting a command line option like --exit-code
similar to git diff
or other tools, that would allow the selector to be skipped and instead have the script return an exit code of 1 when a matching profile/role is not found.
Some extra context. We've been making assume
part of our documentation / automation process, so there is less room for interpretation.
So in documentation it might look like the following (purely and example):
- Log into AWS on your terminal and the console
assume -s ec2 -r ap-northeast-1 -t mycompany/MyRoleWithATypo
- Run the
myscript.sh
file from your terminal- Verify in the console that the tag on the instance was updated
If I currently run follow this, in step 1 it would bring up the role selector, which would possibly lead to an unpredictable and non-working scenario. I would prefer if we could just have the current error message pop up, and no selector appears. ([!] mycompany/MyRoleWithATypo not found in your AWS config or credentials
)
Even more so in a script, where we might make it part of a process.
source assume -r ap-northeast-1 mycompany/myinvalidrole
aws s3 ...
instead of this leading to the selector coming up, and manual entry being a required thing, it would be more helpful if there was a way to make this assume
call fail.
Just wanted to follow up and see if there is any possibility of this getting implemented so that assume can more reliably be used from within other shell scripts.
We ran into the same need when automating common developer workflows that involve assume
. Would love for the command to be able to fail fast (cc @j-krose)
FYI our temporary workaround in scripting is along the lines of:
if [ -z $(aws configure list-profiles | grep "^$DESIRED_PROFILE$") ]; then
... exit early with a message
fi
assume $DESIRED_PROFILE
This is not ideal because:
aws configure list-profiles
lists profiles that have been removed from ~/.aws/config
, but still have some stale state elsewhere in ~/.aws/
assume
rather than just simply having a flag
Context: