-
Notifications
You must be signed in to change notification settings - Fork 1
/
federateme.py
32 lines (24 loc) · 1.33 KB
/
federateme.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
#!/usr/bin/env python3
import boto.utils, json, requests
def detect_ec2():
try:
r = requests.get('http://169.254.169.254/latest/meta-data/ami-id')
print(r)
# probably should check for something in the response here.
return True
except:
return False
def gen_link():
s = json.dumps({'sessionId': boto.utils.get_instance_metadata()['identity-credentials']['ec2']['security-credentials']['ec2-instance']['AccessKeyId'],
'sessionKey': boto.utils.get_instance_metadata()['identity-credentials']['ec2']['security-credentials']['ec2-instance']['SecretAccessKey'],
'sessionToken': boto.utils.get_instance_metadata()['identity-credentials']['ec2']['security-credentials']['ec2-instance']['Token']})
r = requests.get("https://signin.aws.amazon.com/federation", params={'Action': 'getSigninToken', 'SessionDuration': 7200, 'Session': s})
t = r.json()
rs = requests.Request('GET', 'https://signin.aws.amazon.com/federation',
params={'Action': 'login', 'Issuer': 'Internet Widgets Pty.', 'Destination': 'https://console.aws.amazon.com/', 'SigninToken': t['SigninToken']})
l = rs.prepare()
return l.url
if detect_ec2():
print(gen_link())
else:
print("This is not an AWS instance. Please run on an AWS EC2 instance.")