updated rotate-keys with f-strings
This commit is contained in:
parent
4e8840864c
commit
0c48e3f24f
22
rotate-keys
22
rotate-keys
@ -83,7 +83,7 @@ def create_new_key(iam, user):
|
||||
if 'Error' in err.response:
|
||||
print("Key not created")
|
||||
if err.response['Error']['Code'] == 'LimitExceeded':
|
||||
print("User {} already has the maximum number of keys".format(user))
|
||||
print(f"User {user} already has the maximum number of keys")
|
||||
|
||||
return new_key
|
||||
|
||||
@ -98,12 +98,12 @@ def rotate_key(session, user):
|
||||
LOG.debug("Getting user key limit for account...")
|
||||
key_limit = iam.get_account_summary()['SummaryMap']['AccessKeysPerUserQuota']
|
||||
|
||||
LOG.debug("User key limit: {}".format(key_limit))
|
||||
LOG.debug(f"User key limit: {key_limit}")
|
||||
|
||||
LOG.debug("Getting user's keys...")
|
||||
user_keys = iam.list_access_keys()['AccessKeyMetadata']
|
||||
|
||||
LOG.debug("Found {} keys for user {}".format(len(user_keys), user))
|
||||
LOG.debug(f"Found {len(user_keys)} keys for user {user}")
|
||||
|
||||
LOG.debug("Check to see if user has the limit of keys allowed...")
|
||||
if len(user_keys) == key_limit:
|
||||
@ -122,7 +122,7 @@ def update_credentials_file(credentials_file, profile_name, key, set_default):
|
||||
credentials = configparser.ConfigParser()
|
||||
credentials.read(credentials_file)
|
||||
|
||||
LOG.debug("credentials = {}".format(credentials.sections()))
|
||||
LOG.debug(f"credentials = {credentials.sections()}")
|
||||
|
||||
if not profile_name in credentials.sections():
|
||||
LOG.debug("Profile does not exist in credentials file; creating now...")
|
||||
@ -132,8 +132,8 @@ def update_credentials_file(credentials_file, profile_name, key, set_default):
|
||||
profile_creds['aws_access_key_id'] = key['AccessKey']['AccessKeyId']
|
||||
profile_creds['aws_secret_access_key'] = key['AccessKey']['SecretAccessKey']
|
||||
|
||||
LOG.debug("Profile: {}, keys: {}, {}".format(profile_name, profile_creds['aws_access_key_id'], profile_creds['aws_secret_access_key']))
|
||||
LOG.debug("credentials = {}".format([x for x in credentials[profile_name]]))
|
||||
LOG.debug(f"Profile: {profile_name}, keys: {profile_creds['aws_access_key_id']}, {profile_creds['aws_secret_access_key']}")
|
||||
LOG.debug(f"credentials = {[x for x in credentials[profile_name]]}"))
|
||||
|
||||
# make the keys also be the default keys if the toggle is set
|
||||
if set_default:
|
||||
@ -145,8 +145,8 @@ def update_credentials_file(credentials_file, profile_name, key, set_default):
|
||||
default_creds['aws_access_key_id'] = key['AccessKey']['AccessKeyId']
|
||||
default_creds['aws_secret_access_key'] = key['AccessKey']['SecretAccessKey']
|
||||
|
||||
LOG.debug("Profile: default, keys: {}, {}".format(default_creds['aws_access_key_id'], default_creds['aws_secret_access_key']))
|
||||
LOG.debug("credentials = {}".format([x for x in credentials['default']]))
|
||||
LOG.debug(f"Profile: default, keys: {default_creds['aws_access_key_id'],}, {default_creds['aws_secret_access_key']}")
|
||||
LOG.debug(f"credentials = {[x for x in credentials['default']]}")
|
||||
|
||||
LOG.debug("Writing updated credentials file...")
|
||||
with open(credentials_file, 'w') as cred_file:
|
||||
@ -162,14 +162,14 @@ def main():
|
||||
LOG.setLevel(logging.DEBUG)
|
||||
logging.getLogger('botocore').setLevel(logging.WARNING)
|
||||
|
||||
LOG.debug("Getting AWS session and credentials for {}...".format(args.profile_name))
|
||||
LOG.debug(f"Getting AWS session and credentials for {args.profile_name}...")
|
||||
session = boto3.session.Session(region_name='us-east-1', profile_name=args.profile_name)
|
||||
credentials = session.get_credentials()
|
||||
|
||||
credentials_file = os.path.expanduser(args.credentials_file)
|
||||
LOG.debug("credentials_file = {}".format(credentials_file))
|
||||
LOG.debug(f"credentials_file = {credentials_file}")
|
||||
|
||||
print("Generating new AWS keys for user {}...".format(args.user))
|
||||
print(f"Generating new AWS keys for user {args.user}...")
|
||||
new_key = rotate_key(session, args.user)
|
||||
|
||||
if new_key:
|
||||
|
@ -27,6 +27,8 @@ from cryptography.hazmat.primitives import serialization as crypto_serialization
|
||||
from cryptography.hazmat.primitives.asymmetric import rsa
|
||||
from cryptography.hazmat.backends import default_backend as crypto_default_backend
|
||||
|
||||
from paramiko import SSHClient, AutoAddPolicy
|
||||
|
||||
|
||||
# setting up logging for this script
|
||||
_LEVEL = logging.INFO
|
||||
@ -354,7 +356,7 @@ def switch_keys_on_instances(session, new_key, old_key_name, remove_old_key_only
|
||||
for y in x['Instances']
|
||||
]
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
def main():
|
||||
|
Loading…
Reference in New Issue
Block a user