scwrypts/zsh/aws/rds/interactive-login
yage f7eec633ef v2.0.3
=====================================================================

--- Bug Fixes ----------------------------

- rds/interactive-login now escapes special password characters
2022-07-30 11:02:47 -06:00

122 lines
3.1 KiB
Bash
Executable File

#!/bin/zsh
_DEPENDENCIES+=()
_REQUIRED_ENV+=()
source ${0:a:h}/common.zsh
#####################################################################
__CONNECT_TO_RDS() {
local DATABASE=$(__SELECT_DATABASE)
[ ! $DATABASE ] && __ABORT
local DB_HOST DB_USER DB_PORT DB_NAME DB_AUTH DB_TYPE
DB_HOST=$(echo $DATABASE | jq -r '.host')
DB_USER=$(echo $DATABASE | jq -r '.user')
DB_PORT=$(echo $DATABASE | jq -r '.port')
DB_TYPE=$(echo $DATABASE | jq -r '.type')
[[ $DB_PORT =~ null ]] && DB_PORT=5432
DB_NAME=postgres
local AUTH_METHODS=(iam secretsmanager user-input)
local AUTH_METHOD=$(\
echo $AUTH_METHODS | sed 's/\s\+/\n/g' \
| __FZF 'select an authentication method' \
)
[ ! $AUTH_METHOD ] && __ABORT
case $AUTH_METHOD in
iam )
DB_AUTH=$(\
_AWS rds generate-db-auth-token \
--hostname $DB_HOST \
--port $DB_PORT \
--username $DB_USER \
)
;;
secretsmanager )
CREDENTIALS=$(__GET_SECRETSMANAGER_CREDENTIALS)
echo $CREDENTIALS | jq -e '.pass' >/dev/null 2>&1 \
&& DB_AUTH="'$(echo $CREDENTIALS | jq -r '.pass' | sed "s/'/'\"'\"'/g")'"
echo $CREDENTIALS | jq -e '.password' >/dev/null 2>&1 \
&& DB_AUTH="'$(echo $CREDENTIALS | jq -r '.password' | sed "s/'/'\"'\"'/g")'"
echo $CREDENTIALS | jq -e '.user' >/dev/null 2>&1 \
&& DB_USER=$(echo $CREDENTIALS | jq -r '.user')
echo $CREDENTIALS | jq -e '.username' >/dev/null 2>&1 \
&& DB_USER=$(echo $CREDENTIALS | jq -r '.username')
echo $CREDENTIALS | jq -e '.name' >/dev/null 2>&1 \
&& DB_NAME=$(echo $CREDENTIALS | jq -r '.name')
echo $CREDENTIALS | jq -e '.dbname' >/dev/null 2>&1 \
&& DB_NAME=$(echo $CREDENTIALS | jq -r '.dbname')
;;
user-input )
;;
esac
__STATUS
__STATUS "host : $DB_HOST"
__STATUS "type : $DB_TYPE"
__STATUS "port : $DB_PORT"
__STATUS "database : $DB_NAME"
__STATUS "username : $DB_USER"
__STATUS
__RUN_SCWRYPT 'zsh/db/interactive/postgres' -- \
--host $DB_HOST \
--port $DB_PORT \
--name $DB_NAME \
--user $DB_USER \
--pass $DB_AUTH \
;
}
__SELECT_DATABASE() {
local DATABASES=$(__GET_AVAILABLE_DATABASES)
[ ! $DATABASES ] && __FAIL 1 'no databases available'
local ID=$(\
echo $DATABASES | jq -r '.instance + " @ " + .cluster' \
| __FZF 'select a database (instance@cluster)' \
)
[ ! $ID ] && __ABORT
local INSTANCE=$(echo $ID | sed 's/ @ .*$//')
local CLUSTER=$(echo $ID | sed 's/^.* @ //')
echo $DATABASES | jq "select (.instance == \"$INSTANCE\" and .cluster == \"$CLUSTER\")"
}
__GET_AVAILABLE_DATABASES() {
_AWS rds describe-db-instances \
| jq -r '.[] | .[] | {
instance: .DBInstanceIdentifier,
cluster: .DBClusterIdentifier,
type: .Engine,
host: .Endpoint.Address,
port: .Endpoint.Port,
user: .MasterUsername,
database: .DBName
}'
}
__GET_SECRETSMANAGER_CREDENTIALS() {
local ID=$(\
_AWS secretsmanager list-secrets \
| jq -r '.[] | .[] | .Name' \
| __FZF 'select a secret' \
)
[ ! $ID ] && return 1
_AWS secretsmanager get-secret-value --secret-id "$ID" \
| jq -r '.SecretString' | jq
}
#####################################################################
__CONNECT_TO_RDS