mirror of
https://github.com/jpetazzo/container.training.git
synced 2026-02-14 17:49:59 +00:00
33 lines
1.3 KiB
Bash
Executable File
33 lines
1.3 KiB
Bash
Executable File
#!/bin/sh
|
|
# For each user listed in "users.txt", create an IAM user.
|
|
# Also create AWS API access keys, and store them in "users.keys".
|
|
# This is idempotent (you can run it multiple times, it will only
|
|
# create the missing users). However, it will not remove users.
|
|
# Note that you can remove users from "users.keys" (or even wipe
|
|
# that file out entirely) and then this script will delete their
|
|
# keys and generate new keys for them (and add the new keys to
|
|
# "users.keys".)
|
|
|
|
echo "Getting list of existing users ..."
|
|
aws iam list-users --output json | jq -r .Users[].UserName > users.tmp
|
|
|
|
for U in $(cat users.txt); do
|
|
if ! grep -qw $U users.tmp; then
|
|
echo "Creating user $U..."
|
|
aws iam create-user --user-name=$U \
|
|
--tags=Key=container.training,Value=1
|
|
fi
|
|
if ! grep -qw $U users.keys; then
|
|
echo "Listing keys for user $U..."
|
|
KEYS=$(aws iam list-access-keys --user=$U | jq -r .AccessKeyMetadata[].AccessKeyId)
|
|
for KEY in $KEYS; do
|
|
echo "Deleting key $KEY for user $U..."
|
|
aws iam delete-access-key --user=$U --access-key-id=$KEY
|
|
done
|
|
echo "Creating access key for user $U..."
|
|
aws iam create-access-key --user=$U --output json \
|
|
| jq -r '.AccessKey | [ .UserName, .AccessKeyId, .SecretAccessKey ] | @tsv' \
|
|
>> users.keys
|
|
fi
|
|
done
|