52 lines
1.7 KiB
Plaintext
52 lines
1.7 KiB
Plaintext
# Natera-sensitive configuration (do not commit the real file)
|
|
# Copy this file to zshrc-natera.private and fill in the placeholders.
|
|
# zshrc-natera.private is gitignored.
|
|
|
|
# AWS profile (contains account ID)
|
|
export AWS_PROFILE="YOUR_AWS_PROFILE_NAME"
|
|
|
|
# OpenTelemetry endpoint (internal)
|
|
export OTEL_EXPORTER_OTLP_ENDPOINT="http://YOUR_OTEL_ENDPOINT:4318"
|
|
|
|
# Netskope TLS cert bundle path (Natera corp)
|
|
export AWS_CA_BUNDLE=~/.aws/nskp_config/netskope-cert-bundle.pem
|
|
export REQUESTS_CA_BUNDLE=~/.aws/nskp_config/netskope-cert-bundle.pem
|
|
export SSL_CERT_FILE=~/.aws/nskp_config/netskope-cert-bundle.pem
|
|
export NODE_EXTRA_CA_CERTS=~/.aws/nskp_config/netskope-cert-bundle.pem
|
|
|
|
# Refresh: close tunnel if open, then SSO login + jumpbox + boring open (replace placeholders)
|
|
refresh() {
|
|
boring close YOUR_BORING_TARGET 2>/dev/null
|
|
aws sso login && ssh -i ~/work/pems/YOUR_JUMPBOX_PEM ec2-user@JUMPBOX_IP exit && boring open YOUR_BORING_TARGET
|
|
}
|
|
|
|
# Database password retrieval function (replace ARNs and profile names with your actual values)
|
|
function dbpass {
|
|
local env="${1:-dev}"
|
|
local secret_id profile
|
|
|
|
case "$env" in
|
|
dev)
|
|
secret_id='arn:aws:secretsmanager:REGION:ACCOUNT_ID:secret:YOUR_DEV_SECRET_ARN'
|
|
profile='YOUR_DEV_AWS_PROFILE'
|
|
;;
|
|
uat)
|
|
secret_id='arn:aws:secretsmanager:REGION:ACCOUNT_ID:secret:YOUR_UAT_SECRET_ARN'
|
|
profile='YOUR_UAT_AWS_PROFILE'
|
|
;;
|
|
*)
|
|
echo "Usage: dbpass [dev|uat]"
|
|
return 1
|
|
;;
|
|
esac
|
|
|
|
aws secretsmanager get-secret-value \
|
|
--secret-id "$secret_id" \
|
|
--region us-west-2 \
|
|
--profile "$profile" \
|
|
--query 'SecretString' \
|
|
--output text \
|
|
| jq -r '.password' \
|
|
| pbcopy
|
|
}
|