C3C/nix-configuration
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Implement aws-cli configuration

Browse Source
This commit is contained in:
Lukas Cech 2025-01-13 14:39:45 +01:00
parent 301125ae94
commit ef2dc5c216
3 changed files with 275 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
home-manager/common.nix
View File

@ -41,7 +41,7 @@ in
{ }
);
initExtra = ''
initExtra = lib.mkBefore ''
for file in ${zshSourceCommon}/*.zsh; do
source "$file"
done

11
home-manager/lcech-mac-veracode.nix
View File

@ -8,8 +8,15 @@ let
homedir = "/Users/${username}";
zshSourceDirs = [ ];
in
{
imports = [
(import ./veracode/aws-cli.nix {
inherit homedir lib;
})
];
home.username = username;
home.homeDirectory = homedir;
@ -166,8 +173,8 @@ in
autoload -U +X bashcompinit && bashcompinit
source <(kubectl completion zsh)
complete -C '/usr/local/bin/aws_completer' aws
source <(${pkgs.kubectl}/bin/kubectl completion zsh)
complete -C '${pkgs.awscli2}/bin/aws_completer' aws
'';
};

265
home-manager/veracode/aws-cli.nix Normal file
View File

@ -0,0 +1,265 @@
{
lib,
homedir,
...
}:
let
accounts = {
eu = {
"905326657474" = {
name = "log-archive";
role = "EngineerAdmin-Veracode-EU-All";
};
"864021117189" = {
name = "security";
role = "EngineerAdmin-Veracode-EU-All";
};
"296441839393" = {
name = "shared-services";
role = "EngineerAdmin-Veracode-EU-All";
};
"714966795542" = {
name = "veracode-eu-devops";
role = "EngineerAdmin-Veracode-EU-All";
};
"359955634867" = {
name = "veracode-eu-master";
role = "ReadOnly";
};
"675053010029" = {
name = "veracode-eu-networking";
role = "EngineerAdmin-Veracode-EU-All";
};
"377019361040" = {
name = "veracode-eu-platform-nonprod";
role = "EngineerAdmin-Veracode-EU-All";
};
"962291324749" = {
name = "veracode-eu-platform-prod";
role = "EngineerAdmin-Veracode-EU-All";
};
"090139405064" = {
name = "veracode-status-eu";
role = "EngineerAdmin-Veracode-EU-All";
};
};
us = {
"339712784947" = {
name = "aws-corp-it-prod";
role = "EngineerAdmin";
};
"077230771307" = {
name = "aws-syseng";
role = "EngineerAdmin";
};
"854207236867" = {
name = "devops";
role = "EngineerAdmin";
};
"419928441445" = {
name = "hunter2";
role = "EngineerAdmin";
};
"201152413784" = {
name = "hunter2-nonprod";
role = "EngineerAdmin";
};
"234742391591" = {
name = "logging";
role = "EngineerAdmin";
};
"373670440571" = {
name = "mars-archive";
role = "EngineerAdmin";
};
"389203956472" = {
name = "mvsa-dev";
role = "EngineerAdmin";
};
"120705294404" = {
name = "networking";
role = "EngineerAdmin";
};
"540592891828" = {
name = "repo-tools-nonprod";
role = "EngineerAdmin";
};
"199128305162" = {
name = "security";
role = "EngineerAdmin";
};
"205744758777" = {
name = "shared-services";
role = "EngineerAdmin";
};
"502262283075" = {
name = "staticengine-ci";
role = "EngineerAdmin";
};
"593005598611" = {
name = "Veracode Marketplace Sales Account";
role = "EngineerAdmin";
};
"544286724460" = {
name = "veracode-api-security-dev";
role = "EngineerAdmin";
};
"426703640137" = {
name = "veracode-cmk-production";
role = "EngineerAdmin";
};
"227890167531" = {
name = "veracode-cmk-staging";
role = "EngineerAdmin";
};
"833309876439" = {
name = "veracode-datalake-nonprod";
role = "EngineerAdmin";
};
"231215122795" = {
name = "veracode-datalake-prod";
role = "EngineerAdmin";
};
"556105087578" = {
name = "veracode-devops-sandbox";
role = "EngineerAdmin";
};
"419934374614" = {
name = "veracode-dynamic-nonprod";
role = "EngineerAdmin";
};
"743424160468" = {
name = "veracode-dynamic-prod";
role = "EngineerAdmin";
};
"026090546337" = {
name = "veracode-extcmk-c01";
role = "EngineerAdmin";
};
"026090544016" = {
name = "veracode-extcmk-dev";
role = "EngineerAdmin";
};
"527791905507" = {
name = "veracode-gov-production";
role = "EngineerAdmin";
};
"241823169104" = {
name = "veracode-gov-security";
role = "EngineerAdmin";
};
"337544356528" = {
name = "veracode-gov-staging";
role = "EngineerAdmin";
};
"125763904786" = {
name = "veracode-l2-support";
role = "EngineerAdmin";
};
"361598275817" = {
name = "veracode-laputa-sandbox";
role = "EngineerAdmin";
};
"165970187232" = {
name = "veracode-lz-data-dr";
role = "EngineerAdmin";
};
"135394645105" = {
name = "veracode-lz-data-nonprod";
role = "EngineerAdmin";
};
"041513053014" = {
name = "veracode-lz-data-prod";
role = "EngineerAdmin";
};
"341176679750" = {
name = "veracode-lz-futureville";
role = "EngineerAdmin";
};
"011479462201" = {
name = "veracode-lz-master";
role = "ReadOnly";
};
"900979254221" = {
name = "veracode-lz-static-non-prod";
role = "EngineerAdmin";
};
"867871251596" = {
name = "veracode-lz-static-prod";
role = "EngineerAdmin";
};
"621415697837" = {
name = "veracode-pac-lz-nonproduction";
role = "EngineerAdmin";
};
"677563424528" = {
name = "veracode-pac-lz-production";
role = "EngineerAdmin";
};
"055143528572" = {
name = "veracode-platform-nonprod";
role = "EngineerAdmin";
};
"432322876094" = {
name = "veracode-platform-prod";
role = "EngineerAdmin";
};
"772788280252" = {
name = "veracode-sca-nonprod";
role = "EngineerAdmin";
};
"978530908597" = {
name = "veracode-sca-prod";
role = "EngineerAdmin";
};
"129575015961" = {
name = "veracode-sky-github";
role = "EngineerAdmin";
};
"157122231047" = {
name = "veracode-status";
role = "EngineerAdmin";
};
};
};
in
{
home.file."${homedir}/.aws/config" = {
text = ''
[default]
region = us-east-1
[sso-session veracode-us]
sso_start_url = https://d-906716ce52.awsapps.com/start/
sso_region = us-east-1
sso_registration_scopes = sso:account:access
[sso-session veracode-eu]
sso_start_url = https://d-996723c1d4.awsapps.com/start
sso_region = eu-central-1
sso_registration_scopes = sso:account:access
${builtins.concatStringsSep "\n" (
lib.mapAttrsToList (id: account: ''
[profile us-${account.name}]
sso_account_id = ${id}
sso_role_name = ${account.role}
sso_session = veracode-us
region = us-east-1
output = json
'') accounts.us
)}
${builtins.concatStringsSep "\n" (
lib.mapAttrsToList (id: account: ''
[profile eu-${account.name}]
sso_account_id = ${id}
sso_role_name = ${account.role}
sso_session = veracode-eu
region = eu-central-1
output = json
'') accounts.eu
)}
'';
};
}