2

I have an AWS credentials file that looks like this:

cat ~/.aws/credentials
[default]
aws_access_key_id = M0NKEY2TH3B1RD
aws_secret_access_key = yabbadabbadabbadabbadabbadabbadabbasaidthe

and an app on Linux that instead wants these credentials in the environment vars:

AWS_ACCESS_KEY_ID=M0NKEY2TH3B1RD
AWS_SECRET_ACCESS_KEY=yabbadabbadabbadabbadabbadabbadabbasaidthe

I understand it is trivial to make these vars always available by copy/paste to .bashrc or some similar place, but I'd rather read the file that is there already and then only just-in-time, when needed.

This suggests possibly, as a small script or alias:

env $(sed -e 's/ //g' .aws/credentials | tail -n +2 | sed -e 's/[^=]+/\U&/') app

which unfortunately still sets lowercase env vars, and not UPPERCASE ENV VARS as needed.

aws_access_key_id=M0NKEY2TH3B1RD
aws_secret_access_key=yabbadabbadabbadabbadabbadabbadabbasaidthe

The commands within $() first trims the spaces out of the credentials, then skips the line "[default]", but then unfortunately doesn't uppercase everything to the left to the equals.

The "make uppercase"\U& part of the regexp, borrowed from an earlier SO answer, works fine if given something simpler to munch on.

echo aws_secret | sed -e 's/.*/\U&/'
AWS_SECRET

I thought there might be an escape issue and tried [^\=]+ instead of [^=]+ but that did not help. It would appear that the capturing regexp is not correct yet it should match every char up to the equals sign.

What's wrong with this regexp? Also, is there a simpler approach?

Community
  • 1
  • 1
Paul
  • 26,170
  • 12
  • 85
  • 119

1 Answers1

3

This works:

env $(sed -e 's/ //g' .aws/credentials | tail -n +2 | sed -r 's/[^=]+/\U&/')

Note the -r in the 2nd sed command.

A comment was left by someone who disappeared, suggesting -r, but without the match-the-left-hand-side context I needed. Turns out -r fixed it, by enabling GNU extensions. Why uppercasing with \U& will work at all without -r, if this is a GNU extension, is still a mystery...

Clearer

env AWS_ACCESS_KEY_ID=$(aws configure get aws_access_key_id) AWS_SECRET_ACCESS_KEY=$(aws configure get aws_secret_access_key)

This more direct approach assumes that aws, the Amazon web services python client, is installed.

Paul
  • 26,170
  • 12
  • 85
  • 119
  • It's worth noting that `\U` (and its cousins) are not supported by every `sed` variant (at the time of writing, busybox does not support it, for example). – Tomalak Dec 29 '15 at 08:47
  • @Tomalak Yes clearly this is just a hack. Sometimes there is more than 1 credential in an AWS credentials file as well, inviting mischief. – Paul Dec 29 '15 at 08:52
  • Putting it through a small Python script (or the like) might lead to more predictable and consistent results. – Tomalak Dec 29 '15 at 08:54
  • @Tomalak or perhaps `aws --strangely-named-option` – Paul Dec 29 '15 at 08:57
  • 1
    Perhaps, I would not count on it, though. This works well: `awk -F ' = ' 'NF == 2 {print toupper($1)"="$2 }' < .aws/credentials` – Tomalak Dec 29 '15 at 09:16
  • ...and setting `-F '\\s*=\\s*'` would allow for flexible whitespace around the `=` sign, FWIW. – Tomalak Dec 29 '15 at 09:27