From b6cbc7cf332724d7465847013dcf4ace479b9bf9 Mon Sep 17 00:00:00 2001 From: Vitor M <4777793+vgmello@users.noreply.github.com> Date: Mon, 6 Nov 2023 12:11:09 +0000 Subject: [PATCH] Fixing credentials problem --- .../Commands/RDS/GetRdsPassword.cs | 23 +++++++++++-------- src/Ellosoft.AwsCredentialsManager/Program.cs | 8 +++++++ .../AWS/Interactive/AwsOktaSessionManager.cs | 4 ++-- .../Models/DatabaseConfiguration.cs | 8 +++++-- 4 files changed, 30 insertions(+), 13 deletions(-) diff --git a/src/Ellosoft.AwsCredentialsManager/Commands/RDS/GetRdsPassword.cs b/src/Ellosoft.AwsCredentialsManager/Commands/RDS/GetRdsPassword.cs index 0881cf8..85fe0a1 100644 --- a/src/Ellosoft.AwsCredentialsManager/Commands/RDS/GetRdsPassword.cs +++ b/src/Ellosoft.AwsCredentialsManager/Commands/RDS/GetRdsPassword.cs @@ -37,7 +37,7 @@ public class Settings : AwsSettings [CommandOption("--ttl")] [Description("Password lifetime in minutes (max recommended: 15 minutes)")] - [DefaultValue(15)] + [DefaultValue(DatabaseConfiguration.DefaultTtlInMinutes)] public int Ttl { get; set; } [CommandOption("--env")] @@ -79,8 +79,8 @@ await GenerateDbPassword( dbConfig.Hostname, dbConfig.Port, dbConfig.Username, - dbConfig.Ttl, - dbConfig.Region + dbConfig.Region, + dbConfig.GetTtl() ); return 0; 
@@ -97,14 +97,14 @@ private async Task HandleAdHocRequest(Settings settings) var username = settings.Username ?? AnsiConsole.Ask("Enter the DB username:"); var region = settings.GetRegion(); - await GenerateDbPassword(credentialName, hostname, port, username, settings.Ttl, region.SystemName); + await GenerateDbPassword(credentialName, hostname, port, username, region.SystemName, settings.Ttl); CreateNewRdsProfile(credentialName, hostname, port, username, settings.Ttl, region.SystemName, settings.Environment); return 0; } - private async Task GenerateDbPassword(string? credential, string? hostname, int? port, string? username, int? ttl, string? region) + private async Task GenerateDbPassword(string? credential, string? hostname, int? port, string? username, string? region, int ttl) { try { @@ -112,7 +112,6 @@ private async Task GenerateDbPassword(string? credential, string? hostname, int? ArgumentNullException.ThrowIfNull(hostname); ArgumentNullException.ThrowIfNull(port); ArgumentNullException.ThrowIfNull(username); - ArgumentNullException.ThrowIfNull(ttl); ArgumentNullException.ThrowIfNull(region); var awsCredentials = await _awsSessionManager.CreateOrResumeSessionAsync(credential); @@ -121,7 +120,7 @@ private async Task GenerateDbPassword(string? credential, string? hostname, int? throw new CommandException($"Unable to resume or create AWS session for credential '{credential}'"); var regionEndpoint = RegionEndpoint.GetBySystemName(region); - var dbPassword = _rdsTokenGenerator.GenerateDbPassword(awsCredentials, regionEndpoint, hostname, port.Value, username, ttl.Value); + var dbPassword = _rdsTokenGenerator.GenerateDbPassword(awsCredentials, regionEndpoint, hostname, port.Value, username, ttl); AnsiConsole.MarkupLine($"\r\n[green]DB Password:[/]\r\n{dbPassword}\r\n"); } 
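Review bot: `ttl` now reaches `_rdsTokenGenerator.GenerateDbPassword` with no range check: the hunk at -112,7 drops the null guard, and the new `int ttl` parameter accepts zero, negative or arbitrarily large values from `--ttl` or from a stored profile via `dbConfig.GetTtl()`. The option text itself calls 15 minutes the recommended maximum, so a bounds check belongs next to the remaining guards, for example `if (ttl <= 0) throw new CommandException($"Invalid TTL '{ttl}': expected a positive number of minutes");`. An upper bound is also worth adding if the token generator does not enforce one; that code is not visible here. The body of `GenerateDbPassword` continues outside these hunks.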
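Review bot: The generated token is interpolated straight into `AnsiConsole.MarkupLine` on the line after the changed call in hunk -121,7, so any `[` or `]` in it would be parsed as Spectre markup; the printed password could then differ from the real one, or the call could throw. Whether the token can contain brackets depends on the generator, which is not shown, and escaping removes the question: `AnsiConsole.MarkupLine($"\r\n[green]DB Password:[/]\r\n{Markup.Escape(dbPassword)}\r\n");`. The value is a live credential written to the terminal, where it stays in scrollback and in any session recording for its lifetime. A comment such as `// printed on purpose: short-lived token, keep TTL small` would record that this is intentional.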
@@ -147,10 +146,12 @@ private void CreateNewRdsProfile(string credential, string hostname, int port, s Hostname = hostname, Port = port, Username = username, - Region = region, - Ttl = ttl + Region = region }; + if (ttl != DatabaseConfiguration.DefaultTtlInMinutes) + dbConfig.Ttl = ttl; + if (credential != environment.Credential) dbConfig.Credential = credential; @@ -173,7 +174,11 @@ private DatabaseConfiguration GetDbConfig(AppConfig appConfig, string rdsProfile var env = _envManager.GetEnvironment(environmentName); if (env is not null && env.Rds.TryGetValue(rdsProfile, out var dbConfig)) + { + dbConfig.Credential ??= env.Credential; + return dbConfig; + } throw new CommandException($"Unable to find RDS profile [i]'{rdsProfile}'[/] on [i]'{environmentName}'[/] environment"); } diff --git a/src/Ellosoft.AwsCredentialsManager/Program.cs b/src/Ellosoft.AwsCredentialsManager/Program.cs index 0a864db..722a525 100644 --- a/src/Ellosoft.AwsCredentialsManager/Program.cs +++ b/src/Ellosoft.AwsCredentialsManager/Program.cs @@ -1,5 +1,6 @@ // Copyright (c) 2023 Ellosoft Limited. All rights reserved. +using System.Diagnostics; using Ellosoft.AwsCredentialsManager.Commands; using Ellosoft.AwsCredentialsManager.Commands.Credentials; using Ellosoft.AwsCredentialsManager.Commands.Okta; @@ -67,6 +68,13 @@ config.ValidateExamples(); }); +#if DEBUG +if (Debugger.IsAttached) +{ + args = "rds pwd test_db".Split(' '); +} +#endif + try { return app.Run(args); diff --git a/src/Ellosoft.AwsCredentialsManager/Services/AWS/Interactive/AwsOktaSessionManager.cs b/src/Ellosoft.AwsCredentialsManager/Services/AWS/Interactive/AwsOktaSessionManager.cs index ee062e8..f773469 100644 --- a/src/Ellosoft.AwsCredentialsManager/Services/AWS/Interactive/AwsOktaSessionManager.cs +++ b/src/Ellosoft.AwsCredentialsManager/Services/AWS/Interactive/AwsOktaSessionManager.cs 
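Review bot: `dbConfig.Credential ??= env.Credential;` in `GetDbConfig` (hunk -173,7) writes the inherited credential into the object taken from `env.Rds`, so the fallback becomes part of the in-memory configuration instead of a value resolved for this one call. `CreateNewRdsProfile` in the same file deliberately leaves `Credential` unset when it equals the environment's. If this instance is ever serialized back, the profile would be pinned to the current credential and stop following later changes to the environment; the save path is not visible here, so this is a risk to confirm rather than an observed bug. A non-mutating resolver in the style of the new `GetTtl()` would avoid it; otherwise add a comment such as `// in-memory fallback only; this instance is never saved back`. `GetDbConfig` starts outside the hunk.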
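Review bot: The `#if DEBUG` block in Program.cs replaces whatever arguments were passed with `rds pwd test_db` whenever a debugger is attached, so every debug session runs the password command against a profile name that presumably exists only in the author's local config. Debug arguments are better kept in the IDE launch profile (`Properties/launchSettings.json`, `commandLineArgs`), which keeps developer-specific state out of the entry point. If the block stays, guard it with `if (Debugger.IsAttached && args.Length == 0)` so explicit arguments still win. The new `using System.Diagnostics;` should also go inside the same `#if DEBUG`, so Release builds do not carry an unused directive.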
@@ -123,6 +123,6 @@ [bold yellow]The AWS role ARN specified in the credential [b]'{credentialProfile return null; } - private static BasicAWSCredentials CreateAwsCredentials(AwsCredentialsData credentialsData) => - new(credentialsData.AccessKeyId, credentialsData.SecretAccessKey); + private static SessionAWSCredentials CreateAwsCredentials(AwsCredentialsData credentialsData) => + new(credentialsData.AccessKeyId, credentialsData.SecretAccessKey, credentialsData.SessionToken); } diff --git a/src/Ellosoft.AwsCredentialsManager/Services/Configuration/Models/DatabaseConfiguration.cs b/src/Ellosoft.AwsCredentialsManager/Services/Configuration/Models/DatabaseConfiguration.cs index be64156..91592bb 100644 --- a/src/Ellosoft.AwsCredentialsManager/Services/Configuration/Models/DatabaseConfiguration.cs +++ b/src/Ellosoft.AwsCredentialsManager/Services/Configuration/Models/DatabaseConfiguration.cs @@ -4,17 +4,21 @@ namespace Ellosoft.AwsCredentialsManager.Services.Configuration.Models; public class DatabaseConfiguration : ResourceConfiguration { + internal const int DefaultTtlInMinutes = 15; + public string? Hostname { get; set; } public int? Port { get; set; } public string? Username { get; set; } - public int? Ttl { get; set; } - public string? Region { get; set; } + public int? Ttl { get; set; } + public string? Template { get; set; } public string? Credential { get; set; } + + internal int GetTtl() => Ttl ?? DefaultTtlInMinutes; }
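Review bot: `CreateAwsCredentials` now depends on `credentialsData.SessionToken`, but nothing says why the token is required or checks that it is present before it is passed to `SessionAWSCredentials`. Temporary keys (presumably what the Okta role assumption returns) are only accepted by AWS together with their session token, which is why `BasicAWSCredentials` failed. As far as I know, the SDK constructor rejects a null or empty token with an `ArgumentNullException`, which would surface here as an unhandled error if a stored session lacks one. Suggest a one-line comment such as `// temporary STS keys are only valid when signed together with their session token`. If `SessionToken` is nullable in `AwsCredentialsData` (not visible in this diff), treat a missing token as "no valid session" so the caller re-authenticates.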