50 lines
1.5 KiB
PowerShell
50 lines
1.5 KiB
PowerShell
|
function Test-IsCurrentAWSUserSessionValid {
|
||
|
<#
|
||
|
.SYNOPSIS
|
||
|
Ensure that we are currently authenticated on the profile being used
|
||
|
|
||
|
.PARAMETER ProfileName
|
||
|
The profile to use
|
||
|
#>
|
||
|
[CmdletBinding()]
|
||
|
[OutputType([bool])]
|
||
|
param (
|
||
|
[Parameter(Mandatory = $false)]
|
||
|
[string]$ProfileName = (Get-LocalCachedAWSProfile)
|
||
|
)
|
||
|
|
||
|
$logLead = (Get-LogLeadName)
|
||
|
|
||
|
# Always easier to just alert the user if the value they gave us was no good
|
||
|
Assert-ValidAWSProfileName -ProfileName $ProfileName
|
||
|
|
||
|
$awsCredential = (Get-AWSCredentialEntries | Where-Object { $_.Profile -eq $ProfileName })
|
||
|
|
||
|
# If you said 'Dev' but meant 'temp-dev' then just fix it. Takes almost no time.
|
||
|
if ($null -eq $awsCredential) {
|
||
|
if ($ProfileName.StartsWith("temp-")) {
|
||
|
$ProfileName = $ProfileName.Replace("temp-","")
|
||
|
} else {
|
||
|
$ProfileName = "temp-$ProfileName"
|
||
|
}
|
||
|
|
||
|
$awsCredential = (Get-AWSCredentialEntries | Where-Object { $_.Profile -eq $ProfileName })
|
||
|
}
|
||
|
|
||
|
if ($null -eq $awsCredential) {
|
||
|
Write-Error "$logLead : No matching credential found for [$ProfileName]"
|
||
|
}
|
||
|
|
||
|
try {
|
||
|
$arn = Get-STSCallerIdentity -Select Arn -ProfileName $ProfileName
|
||
|
} catch {
|
||
|
if ("The security token included in the request is expired" -ne $_.Exception.Message) {
|
||
|
throw
|
||
|
}
|
||
|
return $false
|
||
|
}
|
||
|
|
||
|
return $true
|
||
|
}
|
||
|
|
||
|
Set-Alias -Name Test-IsAwsSessionValid -Value Test-IsCurrentAWSUserSessionValid -Scope Global
|