C3C/nix-configuration
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update veracode aws cli

Browse Source
This commit is contained in:
Arnie 2025-03-20 11:11:46 +01:00
parent b71d16c7cf
commit a12585068a
No known key found for this signature in database
GPG Key ID: 4BDFA3BCF2999D11
1 changed files with 268 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

280
home-manager/veracode/aws-cli.nix
View File

@ -222,6 +222,188 @@ let
role = "EngineerAdmin";
};
};
old-world = {
"932961976631" = {
name = "Veracode Laputa";
role = "EngineerAdmin";
};
"747166839737" = {
name = "Alternator Prod";
role = "EngineerAdmin";
};
"849762296401" = {
name = "aws-cloudloop";
role = "EngineerAdmin";
};
"555828001259" = {
name = "aws-devops";
role = "EngineerAdmin";
};
"095180515219" = {
name = "aws-disco-dev";
role = "EngineerAdmin";
};
"602400992919" = {
name = "aws-disco-prod";
role = "EngineerAdmin";
};
"671440995558" = {
name = "aws-mpt";
role = "EngineerAdmin";
};
"390809507444" = {
name = "aws-research";
role = "EngineerAdmin";
};
"547681985753" = {
name = "aws-static-dev";
role = "EngineerAdmin";
};
"576836758243" = {
name = "aws-static-prod";
role = "EngineerAdmin";
};
"272739225222" = {
name = "Greenlight Dev";
role = "EngineerAdmin";
};
"187309115203" = {
name = "Greenlight Prod";
role = "EngineerAdmin";
};
"312566581319" = {
name = "mvsa-prod";
role = "EngineerAdmin";
};
"528304698271" = {
name = "ops1";
role = "EngineerAdmin";
};
"178484873978" = {
name = "ops2";
role = "EngineerAdmin";
};
"036935693235" = {
name = "platform-integrations-dev";
role = "EngineerAdmin";
};
"101042440253" = {
name = "platform-integrations-prod";
role = "EngineerAdmin";
};
"769404944768" = {
name = "Veracode GovCloud Parent Staging";
role = "EngineerAdmin";
};
"227458413628" = {
name = "veracode-asc-ilt";
role = "EngineerAdmin";
};
"637659597440" = {
name = "veracode-dataservices-dev";
role = "EngineerAdmin";
};
"360252896736" = {
name = "veracode-dataservices-production";
role = "EngineerAdmin";
};
"634743813634" = {
name = "veracode-elearning-nonprod";
role = "EngineerAdmin";
};
"231131777030" = {
name = "veracode-gov-parent-nonproduction";
role = "EngineerAdmin";
};
"391700338873" = {
name = "veracode-gov-parent-production";
role = "EngineerAdmin";
};
"083679226615" = {
name = "veracode-hackathon";
role = "EngineerAdmin";
};
"228885042232" = {
name = "veracode-info-sec";
role = "EngineerAdmin";
};
"653330403905" = {
name = "veracode-mpt-mffc";
role = "EngineerAdmin";
};
"566201213358" = {
name = "veracode-nonproduction";
role = "EngineerAdmin";
};
"518031149952" = {
name = "veracode-production";
role = "EngineerAdmin";
};
"966752150300" = {
name = "veracode-qaoncloud-nonproduction";
role = "EngineerAdmin";
};
"221433242586" = {
name = "veracode-solutions-architect";
role = "EngineerAdmin";
};
"576647558819" = {
name = "VeraRadio";
role = "EngineerAdmin";
};
};
longbow = {
"520315734741" = {
name = "Audit";
role = "AWS-Engineer-Admin";
};
"853528449373" = {
name = "demo";
role = "AWS-Engineer-Admin";
};
"058887878640" = {
name = "Dev";
role = "AWS-Engineer-Admin";
};
"539590419140" = {
name = "Hans Gruber";
role = "AWS-Engineer-Admin";
};
"048352314288" = {
name = "Log archive";
role = "AWS-Engineer-Admin";
};
"066179854877" = {
name = "Production";
role = "AWS-Engineer-Admin";
};
"388353868666" = {
name = "SaaS Seller Account";
role = "AWS-Engineer-Admin";
};
"057168112839" = {
name = "Sandbox";
role = "AWS-Engineer-Admin";
};
"704459292453" = {
name = "Shared Services";
role = "AWS-Engineer-Admin";
};
"108911762463" = {
name = "Staging";
role = "AWS-Engineer-Admin";
};
"252894127310" = {
name = "TalonX";
role = "AWS-Engineer-Admin";
};
"932480454180" = {
name = "Test Customer";
role = "AWS-Engineer-Admin";
};
};
};
in
{
@ -240,16 +422,26 @@ in
sso_region = eu-central-1
sso_registration_scopes = sso:account:access
[sso-session veracode-old-world]
sso_start_url = https://d-90679ac9ea.awsapps.com/start
sso_region = us-east-1
sso_registration_scopes = sso:account:access
[sso-session veracode-longbow]
sso_start_url = https://d-90677f445e.awsapps.com/start
sso_region = eu-central-1
sso_registration_scopes = sso:account:access
${builtins.concatStringsSep "\n" (
lib.mapAttrsToList (id: account: ''
[profile ${account.name}]
[profile ${builtins.replaceStrings [ " " ] [ "" ] account.name}]
sso_account_id = ${id}
sso_role_name = ${account.role}
sso_session = veracode-us
region = us-east-1
output = json
[profile us-${account.name}]
[profile us-${builtins.replaceStrings [ " " ] [ "" ] account.name}]
sso_account_id = ${id}
sso_role_name = ${account.role}
sso_session = veracode-us
@ -260,16 +452,21 @@ in
${builtins.concatStringsSep "\n" (
lib.mapAttrsToList (id: account: ''
${if lib.any (usAccount: usAccount.name == account.name) (lib.attrValues accounts.us) then "" else ''
[profile ${account.name}]
sso_account_id = ${id}
sso_role_name = ${account.role}
sso_session = veracode-eu
region = eu-central-1
output = json
''}
${
if lib.any (usAccount: usAccount.name == account.name) (lib.attrValues accounts.us) then
""
else
''
[profile ${builtins.replaceStrings [ " " ] [ "" ] account.name}]
sso_account_id = ${id}
sso_role_name = ${account.role}
sso_session = veracode-eu
region = eu-central-1
output = json
''
}
[profile eu-${account.name}]
[profile eu-${builtins.replaceStrings [ " " ] [ "" ] account.name}]
sso_account_id = ${id}
sso_role_name = ${account.role}
sso_session = veracode-eu
@ -277,6 +474,64 @@ in
output = json
'') accounts.eu
)}
${builtins.concatStringsSep "\n" (
lib.mapAttrsToList (id: account: ''
${
if
lib.any (otherAccount: otherAccount.name == account.name) (
lib.attrValues (accounts.us // accounts.eu)
)
then
""
else
''
[profile ${builtins.replaceStrings [ " " ] [ "" ] account.name}]
sso_account_id = ${id}
sso_role_name = ${account.role}
sso_session = veracode-old-world
region = eu-central-1
output = json
''
}
[profile old-world-${builtins.replaceStrings [ " " ] [ "" ] account.name}]
sso_account_id = ${id}
sso_role_name = ${account.role}
sso_session = veracode-old-world
region = eu-central-1
output = json
'') accounts.old-world
)}
${builtins.concatStringsSep "\n" (
lib.mapAttrsToList (id: account: ''
${
if
lib.any (otherAccount: otherAccount.name == account.name) (
lib.attrValues (accounts.us // accounts.eu // accounts.old-world)
)
then
""
else
''
[profile ${builtins.replaceStrings [ " " ] [ "" ] account.name}]
sso_account_id = ${id}
sso_role_name = ${account.role}
sso_session = veracode-longbow
region = eu-central-1
output = json
''
}
[profile longbow-${builtins.replaceStrings [ " " ] [ "" ] account.name}]
sso_account_id = ${id}
sso_role_name = ${account.role}
sso_session = veracode-longbow
region = eu-central-1
output = json
'') accounts.longbow
)}
'';
};
@ -304,8 +559,9 @@ in
veracode-login = ''${pkgs.writeShellScript "veracode-login" ''
for region in us eu; do
aws sso login --profile $region-shared-services
aws sso login --profile $region-shared-services &
done
aws sso login --profile old-world-aws-devops &
''}'';
};
}