quintilesims / layer0

Build, Manage, and Deploy Your Applications
Apache License 2.0

Show relevant account info alongside `l0-setup list` and similar #627

Open tlake opened 6 years ago

tlake commented 6 years ago

For users who manage Layer0 instances across multiple AWS accounts, it can get confusing to remember which set of AWS credentials pairs with which Layer0 instance. This confusion could readily be solved by displaying some human-readable content associated with the account ID for each Layer0 instance in commands like `l0-setup list`.

Sample output:

$ l0-setup list
STATUS    NAME        ACCOUNT
r         example1    Account 1 Name
l         example2    Account 2 Name

I've looked into a couple of paths in the AWS CLI which give me some information which may be useful. I haven't yet looked at whether these are reflected in the SDK (they probably are?), and there may be other/better ways to obtain the information I'm looking for, but here are the two I've found so far:

IAM

$ aws iam list-account-aliases
{
    "AccountAliases": [
        "some account alias here"
    ]
}

This seems to be the easiest and most direct manner of accessing some human-readable aspect of an account (by which I mean something more than the account ID), but it comes with a caveat: there is no guarantee that this information will exist for any given account. It's a sort of metadata that must be intentionally created for the account. It's easy enough to add an alias, though, with `aws iam create-account-alias`.

Cost Explorer

There's a way to access the Full Name of an account through the Cost Explorer API:

$ aws ce get-dimension-values --time-period Start=2018-01-01,End=2018-04-04 --dimension LINKED_ACCOUNT
{
    "DimensionValues": [
        {
            "Value": "<<ACCOUNT ID>>",
            "Attributes": {
                "description": "<<FULL NAME OF ACCOUNT>>"
            }
        }
    ],
    "ReturnSize": 1,
    "TotalSize": 1
}

This API call is a little more unwieldy - it requires a time period, and the actual value we're looking for is nested three levels deep. Regardless, this information is required at the time of account creation, and so should always exist.
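
Added example, not part of the original comment and not Layer0 code: a Go sketch that turns the two responses quoted above into one value for the ACCOUNT column, covering the case where no alias has been created. The function name `AccountLabel`, the preference order (alias, then Cost Explorer description, then raw account ID) and the sample account IDs are assumptions made for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// dimensionResp mirrors the `aws ce get-dimension-values` output quoted above.
type dimensionResp struct {
	DimensionValues []struct {
		Value      string
		Attributes map[string]string
	}
}

// AccountLabel (hypothetical helper) picks the ACCOUNT column text: the IAM
// alias when one exists, else the Cost Explorer description whose Value matches
// accountID, else the raw ID. A nil argument means that call was unavailable.
func AccountLabel(accountID string, aliasJSON, ceJSON []byte) (string, error) {
	if aliasJSON != nil {
		var a struct{ AccountAliases []string }
		if err := json.Unmarshal(aliasJSON, &a); err != nil {
			return "", fmt.Errorf("alias response: %w", err)
		}
		if len(a.AccountAliases) > 0 && a.AccountAliases[0] != "" {
			return a.AccountAliases[0], nil
		}
	}
	if ceJSON != nil {
		var d dimensionResp
		if err := json.Unmarshal(ceJSON, &d); err != nil {
			return "", fmt.Errorf("cost explorer response: %w", err)
		}
		for _, v := range d.DimensionValues {
			if v.Value == accountID && v.Attributes["description"] != "" {
				return v.Attributes["description"], nil
			}
		}
	}
	return accountID, nil
}

func main() {
	// Constructed sample responses: no alias set, one linked account.
	alias := []byte(`{"AccountAliases": []}`)
	ce := []byte(`{"DimensionValues": [{"Value": "111111111111", "Attributes": {"description": "Account 1 Name"}}]}`)
	label, err := AccountLabel("111111111111", alias, ce)
	fmt.Println(label, err)
}
```

Falling back to the account ID rather than an empty cell keeps every row identifiable even when the credentials in use lack permission for either call.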