theurgy/userland/aws.el

;;; aws.el --- Some shortcuts for working with AWS -*- lexical-binding: t -*-

;; This file is not part of GNU Emacs

;; This program is free software: you can redistribute it and/or modify
;; it under the terms of the GNU General Public License as published by
;; the Free Software Foundation, either version 3 of the License, or
;; (at your option) any later version.

;; This program is distributed in the hope that it will be useful,
;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;; GNU General Public License for more details.

;; You should have received a copy of the GNU General Public License
;; along with this program.  If not, see <https://www.gnu.org/licenses/>.


;;; Commentary:

;; commentary

;;; Code:

(defcustom aws-cli-auth-provider "saml2aws"
  "The command that provides AWS authentication."
  :type 'string
  :group 'aws
  :group 'theurgy)

(defcustom aws-roles '()
  "List of strings of each possible AWS role completion for `aws-sign-in'."
  :type '(repeat string)
  :group 'aws
  :group 'theurgy)

(defcustom aws-auto-reauth nil
  "If nil, do not reauth. Otherwise it should be a number, the number of minutes on the reauth timer."
  :type 'integer
  :group 'aws
  :group 'theurgy)

(defvar aws-reauth-timer nil
  "The reauth timer, if created.")

(defun aws-sign-in ()
  "Sign in with AWS."
  (interactive)
  (let* ((role (completing-read "AWS Role: " aws-roles))
	 (auth-fn (lambda ()
		    (message (concat "Authenticating with " role " via " aws-cli-auth-provider))
		    (shell-command (concat aws-cli-auth-provider " login --force --skip-prompt --role " role)))))
    (funcall auth-fn)
    (when aws-auto-reauth
      (setq aws-reauth-timer (run-at-time t (* 60 aws-auto-reauth) auth-fn)))))

(provide 'aws)

;;; aws.el ends here