1
# Copyright 2016 Amazon.com, Inc. or its affiliates. All Rights Reserved.
2
#
3
# Licensed under the Apache License, Version 2.0 (the "License"). You
4
# may not use this file except in compliance with the License. A copy of
5
# the License is located at
6
#
7
#     http://aws.amazon.com/apache2.0/
8
#
9
# or in the "license" file accompanying this file. This file is
10
# distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF
11
# ANY KIND, either express or implied. See the License for the specific
12
# language governing permissions and limitations under the License.
13
import sys
14

15
from awscli.customizations.commands import BasicCommand
16

17
from . import ConfigValue, NOT_SET
18

19

20
class ConfigureListCommand(BasicCommand):
21
    NAME = 'list'
22
    DESCRIPTION = (
23
        'Lists the profile, access key, secret key, and region configuration '
24
        'information used for the specified profile. For each configuration '
25
        'item, it shows the value, where the configuration value '
26
        'was retrieved, and the configuration variable name.\n'
27
        '\n'
28
        'For example, '
29
        'if you provide the AWS region in an environment variable, this '
30
        'command shows you the name of the region you\'ve configured, '
31
        'that this value came from an environment '
32
        'variable, and the name of the environment '
33
        'variable.\n'
34
        '\n'
35
        'For temporary credential methods such as roles and IAM Identity '
36
        'Center, this command displays the temporarily cached access key and '
37
        'secret access key is displayed.\n'
38
    )
39
    SYNOPSIS = 'aws configure list [--profile profile-name]'
40
    EXAMPLES = (
41
        'To show your current configuration values::\n'
42
        '\n'
43
        '  $ aws configure list\n'
44
        '        Name                    Value             Type    Location\n'
45
        '        ----                    -----             ----    --------\n'
46
        '     profile                <not set>             None    None\n'
47
        '  access_key     ****************ABCD      config_file    ~/.aws/config\n'
48
        '  secret_key     ****************ABCD      config_file    ~/.aws/config\n'
49
        '      region                us-west-2              env    AWS_DEFAULT_REGION\n'
50
        '\n'
51
    )
52

53
    def __init__(self, session, stream=None):
54
        super(ConfigureListCommand, self).__init__(session)
55
        if stream is None:
56
            stream = sys.stdout
57
        self._stream = stream
58

59
    def _run_main(self, args, parsed_globals):
60
        self._display_config_value(ConfigValue('Value', 'Type', 'Location'),
61
                                   'Name')
62
        self._display_config_value(ConfigValue('-----', '----', '--------'),
63
                                   '----')
64

65
        if parsed_globals and parsed_globals.profile is not None:
66
            profile = ConfigValue(self._session.profile, 'manual', '--profile')
67
        else:
68
            profile = self._lookup_config('profile')
69
        self._display_config_value(profile, 'profile')
70

71
        access_key, secret_key = self._lookup_credentials()
72
        self._display_config_value(access_key, 'access_key')
73
        self._display_config_value(secret_key, 'secret_key')
74

75
        region = self._lookup_config('region')
76
        self._display_config_value(region, 'region')
77
        return 0
78

79
    def _display_config_value(self, config_value, config_name):
80
        self._stream.write('%10s %24s %16s    %s\n' % (
81
            config_name, config_value.value, config_value.config_type,
82
            config_value.config_variable))
83

84
    def _lookup_credentials(self):
85
        # First try it with _lookup_config.  It's possible
86
        # that we don't find credentials this way (for example,
87
        # if we're using an IAM role).
88
        access_key = self._lookup_config('access_key')
89
        if access_key.value is not NOT_SET:
90
            secret_key = self._lookup_config('secret_key')
91
            access_key.mask_value()
92
            secret_key.mask_value()
93
            return access_key, secret_key
94
        else:
95
            # Otherwise we can try to use get_credentials().
96
            # This includes a few more lookup locations
97
            # (IAM roles, some of the legacy configs, etc.)
98
            credentials = self._session.get_credentials()
99
            if credentials is None:
100
                no_config = ConfigValue(NOT_SET, None, None)
101
                return no_config, no_config
102
            else:
103
                # For the ConfigValue, we don't track down the
104
                # config_variable because that info is not
105
                # visible from botocore.credentials.  I think
106
                # the credentials.method is sufficient to show
107
                # where the credentials are coming from.
108
                access_key = ConfigValue(credentials.access_key,
109
                                         credentials.method, '')
110
                secret_key = ConfigValue(credentials.secret_key,
111
                                         credentials.method, '')
112
                access_key.mask_value()
113
                secret_key.mask_value()
114
                return access_key, secret_key
115

116
    def _lookup_config(self, name):
117
        # First try to look up the variable in the env.
118
        value = self._session.get_config_variable(name, methods=('env',))
119
        if value is not None:
120
            return ConfigValue(value, 'env', self._session.session_var_map[name][1])
121
        # Then try to look up the variable in the config file.
122
        value = self._session.get_config_variable(name, methods=('config',))
123
        if value is not None:
124
            return ConfigValue(value, 'config-file',
125
                               self._session.get_config_variable('config_file'))
126
        else:
127
            return ConfigValue(NOT_SET, None, None)
128

129