@seankross we chatted briefly about this. some notes
It might be nice for an admin of an AWS account to see what the other folks on their account see - just to check that permissions are set correctly i imagine
Was thinking this
users <- list(
list(
user = "sally",
AWS_ACCESS_KEY_ID = "ASPDF80ASDFDF",
AWS_SECRET_ACCESS_KEY = "ADFPA8FAADF",
AWS_REGION = "us-west-2"
),
list(
user = "malorie",
AWS_ACCESS_KEY_ID = "ASDF08AFAD80ADSF",
AWS_SECRET_ACCESS_KEY = "ADFPAADF80A999",
AWS_REGION = "us-west-2"
)
)
fake_aws_user <- function() {
Filter(
function(z) z$AWS_ACCESS_KEY_ID == Sys.getenv("AWS_ACCESS_KEY_ID"),
users
)
}
withr::with_envvar(
c(
"AWS_ACCESS_KEY_ID" = "ASDF08AFAD80ADSF",
"AWS_SECRET_ACCESS_KEY" = "ADFPA8FAADF",
"AWS_REGION" = "us-west-2"
),
fake_aws_user()
)
aws_user_impersonate <- function(username, code) {
withr::with_envvar(
# get user creds somehow?,
force(code)
)
}
# hmm, this wouldn't work - as an admin i'd want to put in a username, but you wouldn't have those creds
# unless you saved them all somewhere, which seems unlikely
aws_user_impersonate("sally")
But then thought this probably doesn't make sense b/c the admin wouldn't probably have tokens for each user saved - and you can't look them up after the fact unless you create a new set.
@seankross we chatted briefly about this. some notes
It might be nice for an admin of an AWS account to see what the other folks on their account see - just to check that permissions are set correctly i imagine
Was thinking this
But then thought this probably doesn't make sense b/c the admin wouldn't probably have tokens for each user saved - and you can't look them up after the fact unless you create a new set.
@seankross