Skip to content

Commit

Permalink
support for AWS_ACCESS_KEY_ID
Browse files Browse the repository at this point in the history 
also cleanup the color changes when used
  • Loading branch information
@InbarRose
InbarRose authored Apr 3, 2022
1 parent 870f71c commit bea5863
Showing 1 changed file with 13 additions and 6 deletions.
19 changes: 13 additions & 6 deletions check-ecs-exec.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -674,8 +674,8 @@ else
fi
fi

# 11. Check task definition containers for environment variables AWS_ACCESS_KEY and AWS_SECRET_ACCESS_KEY
# if AWS_ACCESS_KEY and AWS_SECRET_ACCESS_KEY are defined in a container, they will be used by the SSM service
# 11. Check task definition containers for environment variables AWS_ACCESS_KEY, AWS_ACCESS_KEY_ID, and AWS_SECRET_ACCESS_KEY
# if AWS_ACCESS_KEY, AWS_ACCESS_KEY_ID, and AWS_SECRET_ACCESS_KEY are defined in a container, they will be used by the SSM service
# if the key defined does not have requirement permissions, the execute-command will not work.
containerNameList=$(echo "${taskDefJson}" | jq -r ".taskDefinition.containerDefinitions[].name")
idx=0
Expand All @@ -686,15 +686,22 @@ for containerName in $containerNameList; do
printf " ${COLOR_DEFAULT}- AWS_ACCESS_KEY"
AWS_ACCESS_KEY_FOUND=$(echo "${taskDefJson}" | jq -r ".taskDefinition.containerDefinitions[${idx}].environment[] | select(.name==\"AWS_ACCESS_KEY\") | .name")
case "${AWS_ACCESS_KEY_FOUND}" in
*AWS_ACCESS_KEY* ) printf ": ${COLOR_YELLOW}defined\n";;
* ) printf ": ${COLOR_GREEN}not defined\n";;
*AWS_ACCESS_KEY* ) printf ": ${COLOR_YELLOW}defined${COLOR_DEFAULT}\n";;
* ) printf ": ${COLOR_GREEN}not defined${COLOR_DEFAULT}\n";;
esac
# find AWS_ACCESS_KEY_ID
printf " ${COLOR_DEFAULT}- AWS_ACCESS_KEY_ID"
AAWS_ACCESS_KEY_ID_FOUND=$(echo "${taskDefJson}" | jq -r ".taskDefinition.containerDefinitions[${idx}].environment[] | select(.name==\"AWS_ACCESS_KEY_ID\") | .name")
case "${AWS_ACCESS_KEY_ID_FOUND}" in
*AWS_ACCESS_KEY_ID* ) printf ": ${COLOR_YELLOW}defined${COLOR_DEFAULT}\n";;
* ) printf ": ${COLOR_GREEN}not defined${COLOR_DEFAULT}\n";;
esac
# find AWS_SECRET_ACCESS_KEY
printf " ${COLOR_DEFAULT}- AWS_SECRET_ACCESS_KEY"
AWS_SECRET_ACCESS_KEY_FOUND=$(echo "${taskDefJson}" | jq -r ".taskDefinition.containerDefinitions[${idx}].environment[] | select(.name==\"AWS_SECRET_ACCESS_KEY\") | .name")
case "${AWS_SECRET_ACCESS_KEY_FOUND}" in
*AWS_SECRET_ACCESS_KEY* ) printf ": ${COLOR_YELLOW}defined\n";;
* ) printf ": ${COLOR_GREEN}not defined\n";;
*AWS_SECRET_ACCESS_KEY* ) printf ": ${COLOR_YELLOW}defined${COLOR_DEFAULT}\n";;
* ) printf ": ${COLOR_GREEN}not defined${COLOR_DEFAULT}\n";;
esac
idx=$((idx+1))
done
Expand Down

0 comments on commit bea5863

Please sign in to comment.