Add support for STS users

shotover · Feb 2, 2024 · 685bdc6 · 685bdc6
1 parent 3632fbd
commit 685bdc6
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 5 deletions.
diff --git a/aws-throwaway/src/backend/cli/mod.rs b/aws-throwaway/src/backend/cli/mod.rs
@@ -226,7 +226,8 @@ impl Aws {
                 let result: SecurityGroup = run_command(&command).await.unwrap();
                 tracing::info!("created security group");
 
-                let mut futures = FuturesUnordered::<Pin<Box<dyn Future<Output = ()>>>>::new();
+                let mut futures =
+                    FuturesUnordered::<Pin<Box<dyn Future<Output = ()> + Send>>>::new();
                 futures.push(Box::pin(Aws::create_ingress_rule_internal(tags, name)));
                 if !ports.contains(&22) {
                     // SSH
@@ -750,8 +751,25 @@ sudo systemctl start ssh
 }
 
 async fn user_name() -> String {
-    let GetUser::User { user_name } = run_command(&["iam", "get-user"]).await.unwrap();
-    user_name
+    match iam_user_name().await {
+        Ok(name) => name,
+        Err(err) => {
+            tracing::debug!("Failed to run iam get-user {err:?}");
+            sts_user_id().await
+        }
+    }
+}
+
+async fn iam_user_name() -> Result<String> {
+    let IamGetUser::User { user_name } = run_command(&["iam", "get-user"]).await?;
+    Ok(user_name)
+}
+
+async fn sts_user_id() -> String {
+    let StsGetCallerIdentity { user_id } = run_command(&["sts", "get-caller-identity", "user-id"])
+        .await
+        .unwrap();
+    user_id
 }
 
 async fn run_command_empty_response(args: &[&str]) -> Result<()> {
@@ -790,9 +808,15 @@ async fn run_command_string(args: &[&str]) -> Result<String> {
 }
 
 #[derive(serde::Deserialize)]
-enum GetUser {
+enum IamGetUser {
     User {
         #[serde(alias = "UserName")]
         user_name: String,
     },
 }
+
+#[derive(serde::Deserialize)]
+struct StsGetCallerIdentity {
+    #[serde(alias = "UserId")]
+    user_id: String,
+}
diff --git a/aws-throwaway/src/backend/sdk/aws.rs b/aws-throwaway/src/backend/sdk/aws.rs
@@ -160,7 +160,8 @@ impl Aws {
                     .unwrap();
                 tracing::info!("created security group");
 
-                let mut futures = FuturesUnordered::<Pin<Box<dyn Future<Output = ()>>>>::new();
+                let mut futures =
+                    FuturesUnordered::<Pin<Box<dyn Future<Output = ()> + Send>>>::new();
                 futures.push(Box::pin(Aws::create_ingress_rule_internal(
                     client, tags, name,
                 )));