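#!/usr/bin/env bash
#
# awsenv : AWS Environment Script
#
# Reports the AWS CLI related environment variables and checks that the
# secret/credential files they point to exist and have mode 600 (readable
# and writable by the owner only). The only change this script can make is
# `chmod 600` on such a file, and only after an interactive confirmation.
#
# Requires bash (indirect expansion, `read -p`) and GNU stat (`stat -c`);
# the previous `#!/bin/sh` shebang fails where sh is not bash.
#
# Author: Jonathan Cormier
#

AWS_SECRETS=~/.aws_secrets
AWS_S3_CURL=~/.s3curl
AWS_JSON_CREDENTIALS=~/.aws/credentials.json

# Names (not values) of the variables holding paths to sensitive files.
AWS_FILES=(
  AWS_SECRETS
  AWS_S3_CURL
  AWS_JSON_CREDENTIALS
  AWS_CONFIG_FILE
  AWS_CREDENTIAL_FILE
  EC2_CERT
  EC2_PRIVATE_KEY
)

#######################################
# Print "NAME: value" for the variable whose name is given.
# AWS_SECRET_ACCESS_KEY is reported as present but its value is not
# echoed, so the secret does not land in terminal scrollback, pasted
# support output or captured logs.
# Arguments: $1 - name of the variable to report
# Outputs:   one line on stdout
#######################################
aws_vecho() {
  local var=$1
  local value=${!var-}

  if [[ "$var" == "AWS_SECRET_ACCESS_KEY" && -n "$value" ]]; then
    value="<set, hidden>"
  fi
  printf '%s: %s\n' "$var" "$value"
}

#######################################
# Report every AWS/EC2 environment variable this script knows about.
# Outputs: one "NAME: value" line per variable on stdout
#######################################
aws_env() {
  local var
  for var in AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_CONFIG_FILE \
    AWS_CREDENTIAL_FILE EC2_CERT EC2_PRIVATE_KEY; do
    aws_vecho "$var"
  done
}

#######################################
# Print the octal permission bits of a file, without a trailing newline.
# Arguments: $1 - path to the file
#######################################
aws_stat() {
  # -L: report on the target of a symlink, which is what chmod changes.
  stat -L -c "%a" -- "$1" | tr -d '\n'
}

#######################################
# Test whether a file has exactly the given octal permissions.
# Arguments: $1 - path to the file
#            $2 - expected permissions, e.g. 600
# Returns:   0 if the permissions match, 1 if they differ,
#            2 if the permissions could not be read
#######################################
aws_isperm() {
  local file=$1
  local perm=$2
  local cur_perm

  # -L: a symlink's own mode is always 777; check the file it points to.
  cur_perm=$(stat -L -c "%a" -- "$file") || return 2
  [[ "$cur_perm" == "$perm" ]]
}

#######################################
# Ask whether to restrict a file to mode 600 and do so on "yes".
# Answering "no" ends the script, as does end-of-input (previously EOF on
# stdin made this loop spin forever when run non-interactively).
# Arguments: $1 - path to the file
#######################################
aws_fix() {
  local file=$1
  local ans

  while true; do
    if ! read -r -p "Set permissions on $file to 600? " ans; then
      echo
      echo "[!] No answer available; leaving $file unchanged." >&2
      exit 1
    fi
    case "$ans" in
      [Yy]*)
        chmod 600 -- "$file"
        # Re-read the mode instead of trusting chmod's exit status alone.
        if aws_isperm "$file" 600; then
          echo "[x] Permissions on $file set to 600"
        else
          echo "[!] Could not set permissions on $file to 600" >&2
        fi
        break
        ;;
      [Nn]*)
        exit
        ;;
    esac
  done
}

echo "[x] Amazon AWS CLI environment"
echo "[x] Checking for AWS CLI secrets and credential files..."

# Check for AWS CLI files and their permissions
for AWS_FILE in "${AWS_FILES[@]}"; do
  FILE=${!AWS_FILE-}

  # Skip variables that are empty
  [[ -z "$FILE" ]] && continue

  echo -n "Checking $FILE..."
  if [[ -e "$FILE" ]]; then
    echo "found"

    # Check permissions
    aws_isperm "$FILE" 600
    case $? in
      0) ;;
      1)
        echo "[!] Incorrect permissions on $FILE"
        aws_fix "$FILE"
        ;;
      *)
        echo "[!] Could not read permissions on $FILE" >&2
        ;;
    esac
  else
    echo "not found"
    echo "[!] $AWS_FILE contains path to file that doesn't exist."
  fi
done

echo
echo "[x] AWS variables"

# Output environment variables
aws_env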