Closed jameshadfield closed 5 months ago
I'm not sure the IAM user name is knowable
Via an unrelated slack comment by @victorlin this is pretty simple to obtain:
// <https://www.npmjs.com/package/@aws-sdk/client-sts>
// <https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/client/sts/command/GetCallerIdentityCommand/>
import { STSClient, GetCallerIdentityCommand } from "@aws-sdk/client-sts";
const client = new STSClient({ region: "us-east-1" });
const command = new GetCallerIdentityCommand({});
try {
const data = await client.send(command);
if (!data.Arn.startsWith('arn:aws:iam::')) throw new Error("Identity is not an IAM user")
console.log(`IAM user: ${data.Arn.replace(/^.+user\//, '')}`)
} catch (error) {
console.log(error)
}
The nextstrain.org server has conditional logic to change certain features into a "testing" / "development" mode. There are a few different (overlapping) concepts of testing/development, and it would be great to say up-front what the server is using. The logic to choose different modes is quite flexible -- environment variables, server configuration files, local aws configuration files etc, and it can be hard to keep track of what's being used! As an example of the kind of start-up message I would find really useful:
(I'm not sure the IAM user name is knowable, but if it's not we could at least say
via env variables $... and $...
orvia ./aws/config
etc.)There are other things we could include here (perhaps GITHUB_TOKEN) but the above would be the most useful