Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Show relevant account info alongside l0-setup list and similar #627

Open
tlake opened this issue Jun 22, 2018 · 0 comments
Open

Show relevant account info alongside l0-setup list and similar #627

tlake opened this issue Jun 22, 2018 · 0 comments
Labels
enhancement

Comments

@tlake
Copy link
Contributor

tlake commented Jun 22, 2018
edited
Loading

For users who manage Layer0 instances across multiple AWS accounts, it can get confusing to remember which set of AWS credentials pair with which Layer0 instance. This confusion could readily be solved by displaying some human-readable content associated with the account ID for each Layer0 instance in commands like l0-setup list.

Sample output:

$ l0-setup list
STATUS    NAME        ACCOUNT
r         example1    Account 1 Name
l         example2    Account 2 Name

I've looked into a couple of paths in the AWS CLI which give me some information which may be useful. I haven't yet taken a look for whether these are reflected in the SDK (they probably are?), and there may be other/better ways to obtain the information I'm looking for, but here are the two I've found so far:

IAM

$ aws iam list-account-aliases
{
    "AccountAliases": [
        "some account alias here"
    ]
}

This seems to be the easiest and most direct manner of accessing some human-readable aspect of an account (by which I mean something more than the account ID), but it comes with a caveat: there is no guarantee that this information will exist for any given account. It's a sort of metadata that must be intentionally created for the account. It's easy enough to add an alias, though, with aws iam create-account-alias.

Cost Explorer

There's a way to access the Full Name of an account through the Cost Explorer API:

$ aws ce get-dimension-values --time-period Start=2018-01-01,End=2018-04-04 --dimension LINKED_ACCOUNT
{
    "DimensionValues": [
        {
            "Value": "<<ACCOUNT ID>>",
            "Attributes": {
                "description": "<<FULL NAME OF ACCOUNT>>"
            }
        }
    ],
    "ReturnSize": 1,
    "TotalSize": 1
}

This API call is a little more unwieldy - it requires a time period, and the actual value we're looking for is nested three levels deep. Regardless, this information is required at the time of account creation, and so should always exist.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@tlake