317 lines
8.1 KiB
Nix
317 lines
8.1 KiB
Nix
{
|
|
homedir,
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}:
|
|
let
|
|
accounts = {
|
|
eu = {
|
|
"905326657474" = {
|
|
name = "log-archive";
|
|
role = "EngineerAdmin-Veracode-EU-All";
|
|
};
|
|
"864021117189" = {
|
|
name = "security";
|
|
role = "EngineerAdmin-Veracode-EU-All";
|
|
};
|
|
"296441839393" = {
|
|
name = "shared-services";
|
|
role = "EngineerAdmin-Veracode-EU-All";
|
|
};
|
|
"714966795542" = {
|
|
name = "veracode-eu-devops";
|
|
role = "EngineerAdmin-Veracode-EU-All";
|
|
};
|
|
"359955634867" = {
|
|
name = "veracode-eu-master";
|
|
role = "ReadOnly";
|
|
};
|
|
"675053010029" = {
|
|
name = "veracode-eu-networking";
|
|
role = "EngineerAdmin-Veracode-EU-All";
|
|
};
|
|
"377019361040" = {
|
|
name = "veracode-eu-platform-nonprod";
|
|
role = "EngineerAdmin-Veracode-EU-All";
|
|
};
|
|
"962291324749" = {
|
|
name = "veracode-eu-platform-prod";
|
|
role = "EngineerAdmin-Veracode-EU-All";
|
|
};
|
|
"090139405064" = {
|
|
name = "veracode-status-eu";
|
|
role = "EngineerAdmin-Veracode-EU-All";
|
|
};
|
|
};
|
|
us = {
|
|
"339712784947" = {
|
|
name = "aws-corp-it-prod";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"077230771307" = {
|
|
name = "aws-syseng";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"854207236867" = {
|
|
name = "devops";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"419928441445" = {
|
|
name = "hunter2";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"201152413784" = {
|
|
name = "hunter2-nonprod";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"234742391591" = {
|
|
name = "logging";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"373670440571" = {
|
|
name = "mars-archive";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"389203956472" = {
|
|
name = "mvsa-dev";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"120705294404" = {
|
|
name = "networking";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"540592891828" = {
|
|
name = "repo-tools-nonprod";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"199128305162" = {
|
|
name = "security";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"205744758777" = {
|
|
name = "shared-services";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"502262283075" = {
|
|
name = "staticengine-ci";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"593005598611" = {
|
|
name = "Veracode Marketplace Sales Account";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"544286724460" = {
|
|
name = "veracode-api-security-dev";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"426703640137" = {
|
|
name = "veracode-cmk-production";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"227890167531" = {
|
|
name = "veracode-cmk-staging";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"833309876439" = {
|
|
name = "veracode-datalake-nonprod";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"231215122795" = {
|
|
name = "veracode-datalake-prod";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"556105087578" = {
|
|
name = "veracode-devops-sandbox";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"419934374614" = {
|
|
name = "veracode-dynamic-nonprod";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"743424160468" = {
|
|
name = "veracode-dynamic-prod";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"026090546337" = {
|
|
name = "veracode-extcmk-c01";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"026090544016" = {
|
|
name = "veracode-extcmk-dev";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"527791905507" = {
|
|
name = "veracode-gov-production";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"241823169104" = {
|
|
name = "veracode-gov-security";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"337544356528" = {
|
|
name = "veracode-gov-staging";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"125763904786" = {
|
|
name = "veracode-l2-support";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"361598275817" = {
|
|
name = "veracode-laputa-sandbox";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"165970187232" = {
|
|
name = "veracode-lz-data-dr";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"135394645105" = {
|
|
name = "veracode-lz-data-nonprod";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"041513053014" = {
|
|
name = "veracode-lz-data-prod";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"341176679750" = {
|
|
name = "veracode-lz-futureville";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"011479462201" = {
|
|
name = "veracode-lz-master";
|
|
role = "ReadOnly";
|
|
};
|
|
"900979254221" = {
|
|
name = "veracode-lz-static-non-prod";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"867871251596" = {
|
|
name = "veracode-lz-static-prod";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"621415697837" = {
|
|
name = "veracode-pac-lz-nonproduction";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"677563424528" = {
|
|
name = "veracode-pac-lz-production";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"055143528572" = {
|
|
name = "veracode-platform-nonprod";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"432322876094" = {
|
|
name = "veracode-platform-prod";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"772788280252" = {
|
|
name = "veracode-sca-nonprod";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"978530908597" = {
|
|
name = "veracode-sca-prod";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"129575015961" = {
|
|
name = "veracode-sky-github";
|
|
role = "EngineerAdmin";
|
|
};
|
|
"157122231047" = {
|
|
name = "veracode-status";
|
|
role = "EngineerAdmin";
|
|
};
|
|
};
|
|
};
|
|
in
|
|
{
|
|
home.file."${homedir}/.aws/config" = {
|
|
text = ''
|
|
[default]
|
|
region = us-east-1
|
|
|
|
[sso-session veracode-us]
|
|
sso_start_url = https://d-906716ce52.awsapps.com/start/
|
|
sso_region = us-east-1
|
|
sso_registration_scopes = sso:account:access
|
|
|
|
[sso-session veracode-eu]
|
|
sso_start_url = https://d-996723c1d4.awsapps.com/start
|
|
sso_region = eu-central-1
|
|
sso_registration_scopes = sso:account:access
|
|
|
|
${builtins.concatStringsSep "\n" (
|
|
lib.mapAttrsToList (id: account: ''
|
|
[profile ${account.name}]
|
|
sso_account_id = ${id}
|
|
sso_role_name = ${account.role}
|
|
sso_session = veracode-us
|
|
region = us-east-1
|
|
output = json
|
|
|
|
[profile us-${account.name}]
|
|
sso_account_id = ${id}
|
|
sso_role_name = ${account.role}
|
|
sso_session = veracode-us
|
|
region = us-east-1
|
|
output = json
|
|
|
|
[profile id-${id}]
|
|
sso_account_id = ${id}
|
|
sso_role_name = ${account.role}
|
|
sso_session = veracode-us
|
|
region = us-east-1
|
|
output = json
|
|
'') accounts.us
|
|
)}
|
|
|
|
${builtins.concatStringsSep "\n" (
|
|
lib.mapAttrsToList (id: account: ''
|
|
[profile eu-${account.name}]
|
|
sso_account_id = ${id}
|
|
sso_role_name = ${account.role}
|
|
sso_session = veracode-eu
|
|
region = eu-central-1
|
|
output = json
|
|
|
|
[profile id-${id}]
|
|
sso_account_id = ${id}
|
|
sso_role_name = ${account.role}
|
|
sso_session = veracode-eu
|
|
region = eu-central-1
|
|
output = json
|
|
'') accounts.eu
|
|
)}
|
|
'';
|
|
};
|
|
|
|
programs.zsh.shellAliases = {
|
|
veracode-find = ''${pkgs.writeShellScript "veracode-find" ''
|
|
for profile in $(aws configure list-profiles | grep -E '^(us|eu)-'); do
|
|
echo "=== $profile ==="
|
|
aws --profile $profile "$@";
|
|
done
|
|
''}'';
|
|
|
|
veracode-find-eu = ''${pkgs.writeShellScript "veracode-find" ''
|
|
for profile in $(aws configure list-profiles | grep -E '^(eu)-'); do
|
|
echo "=== $profile ==="
|
|
aws --profile $profile "$@";
|
|
done
|
|
''}'';
|
|
|
|
veracode-find-us = ''${pkgs.writeShellScript "veracode-find" ''
|
|
for profile in $(aws configure list-profiles | grep -E '^(us)-'); do
|
|
echo "=== $profile ==="
|
|
aws --profile $profile "$@";
|
|
done
|
|
''}'';
|
|
|
|
veracode-login = ''${pkgs.writeShellScript "veracode-login" ''
|
|
for region in us eu; do
|
|
aws sso login --profile $region-shared-services
|
|
done
|
|
''}'';
|
|
};
|
|
}
|