From 2182b879c32db1f65126b33b789677b13b7f685c Mon Sep 17 00:00:00 2001
From: Andrew Williams <andy@tensixtyone.com>
Date: Sun, 28 Dec 2025 20:38:05 +0000
Subject: [PATCH] [shell-common] Update AWS commands

---
 shell-common/.config/shell-common/aws.sh | 144 +++--------------------
 1 file changed, 16 insertions(+), 128 deletions(-)

diff --git a/shell-common/.config/shell-common/aws.sh b/shell-common/.config/shell-common/aws.sh
index c5fe774..7a4659b 100644
--- a/shell-common/.config/shell-common/aws.sh
+++ b/shell-common/.config/shell-common/aws.sh
@@ -87,31 +87,24 @@ function awslogin() {
         return 2
     fi
     echo "AWS login successful. Credentials exported."
-    export AWS_PROFILE_ACTIVE="$profile"
-    if [[ -n "$profile" ]]; then
-        export AWS_PROFILE_DISPLAY="[aws: $profile]"
-    else
-        export AWS_PROFILE_DISPLAY=""
-    fi
+    export AWS_PROFILE="$profile"
 }
 
+# Clear AWS credentials from environment
 function awslogout() {
-    unset AWS_PROFILE_ACTIVE
-    unset AWS_ACCESS_KEY_ID
-    unset AWS_SECRET_ACCESS_KEY
-    unset AWS_SESSION_TOKEN
-    unset AWS_CREDENTIAL_EXPIRATION
-    export AWS_PROFILE_DISPLAY=""
+    aws sso logout --profile "${AWS_PROFILE:-default}" 2> /dev/null
+    unset AWS_PROFILE AWS_PROFILE_ACTIVE AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY AWS_SESSION_TOKEN AWS_CREDENTIAL_EXPIRATION
     echo "AWS profile and credentials cleared."
 }
 
+# Check if AWS credentials have expired and clear the env variables if so
 function _aws_creds_expiration_check() {
     if [[ -n "$AWS_CREDENTIAL_EXPIRATION" ]]; then
         local expiration_epoch
         local current_epoch
 
         # Convert expiration time to epoch (handles ISO 8601 format)
-        if command -v gdate &> /dev/null; then
+        if [[ -x $(command -v gdate) ]]; then
             # macOS with GNU coreutils installed
             expiration_epoch=$(gdate -d "$AWS_CREDENTIAL_EXPIRATION" +%s 2>/dev/null)
             current_epoch=$(gdate +%s)
@@ -130,119 +123,14 @@ function _aws_creds_expiration_check() {
     fi
 }
 
-# easy access to SSH
-function awsssh() {
-    local profile=""
-    local region=""
-    local username="ansible"
-    local search=""
-
-    # Parse arguments
-    while [[ $# -gt 0 ]]; do
-        case "$1" in
-            --profile)
-                profile="$2"
-                shift 2
-                ;;
-            --region)
-                region="$2"
-                shift 2
-                ;;
-            *)
-                search="$1"
-                shift
-                ;;
-        esac
-    done
-
-    if [[ -z "$search" ]]; then
-        echo "Usage: awsssh [--profile prof] [--region reg] [user@]search-term"
-        return 1
+# Hook the expiration check to each prompt display
+if [[ $(command add-zsh-hook 2>/dev/null) ]]; then
+    # Zsh
+    if ! [[ -n "$PERIOD" ]]; then
+        export PERIOD=300
     fi
-
-    # Extract username if provided as user@search
-    if [[ "$search" == *@* ]]; then
-        username="${search%@*}"
-        search="${search#*@}"
-    fi
-
-    # Build AWS CLI options
-    local aws_opts=()
-    [[ -n "$profile" ]] && aws_opts+=(--profile "$profile")
-    [[ -n "$region" ]] && aws_opts+=(--region "$region")
-
-    # Get matching instances
-    local instances
-    instances=$(aws ec2 describe-instances \
-        --filters "Name=tag:Name,Values=*$search*" \
-        --query 'Reservations[].Instances[].{
-            Name: Tags[?Key==`Name`].Value | [0],
-            IP: PublicIpAddress,
-            InstanceId: InstanceId
-        }' \
-        --output json \
-        "${aws_opts[@]}")
-
-    if [[ $? -ne 0 || -z "$instances" || "$instances" == "[]" ]]; then
-        echo "Failed to retrieve instances or no match found."
-        return 2
-    fi
-
-    # Select instance using fzf
-    local selection
-    selection=$(echo "$instances" | jq -r '.[] | "\(.Name): \(.IP // "no-ip") (\(.InstanceId))"' |
-                fzf -1 -0 --header "Select an instance")
-
-    if [[ -z "$selection" ]]; then
-        echo "No valid instance selected."
-        return 3
-    fi
-
-    # Extract IP and InstanceId from selection
-    local ip instance_id
-    ip=$(echo "$selection" | sed -E 's/.*: (.*) \(.*/\1/')
-    instance_id=$(echo "$selection" | sed -E 's/.*\((i-[a-z0-9]+)\).*/\1/')
-
-    if [[ "$ip" != "no-ip" ]]; then
-        echo "Connecting to $username@$ip via SSH..."
-        ssh -o StrictHostKeyChecking=no -o ConnectTimeout=10 "${username}@${ip}"
-    else
-        echo "No public IP found. Falling back to AWS Session Manager..."
-        aws ssm start-session --target "$instance_id" "${aws_opts[@]}"
-    fi
-}
-
-function instances() {
-    local profile=""
-    local region=""
-
-    # Parse optional arguments
-    while [[ $# -gt 0 ]]; do
-        case "$1" in
-            --profile)
-                profile="$2"
-                shift 2
-                ;;
-            --region)
-                region="$2"
-                shift 2
-                ;;
-            *)
-                echo "Unknown option: $1"
-                echo "Usage: list_ec2_instances [--profile prof] [--region region]"
-                return 1
-                ;;
-        esac
-    done
-
-    # Build AWS CLI options
-    local aws_opts=()
-    [[ -n "$profile" ]] && aws_opts+=(--profile "$profile")
-    [[ -n "$region" ]] && aws_opts+=(--region "$region")
-
-    # Query EC2 for names and instance IDs
-    aws ec2 describe-instances \
-        --query 'Reservations[].Instances[].{Name: Tags[?Key==`Name`].Value | [0], InstanceId: InstanceId}' \
-        --output table \
-        "${aws_opts[@]}"
-}
+    add-zsh-hook periodic _aws_creds_expiration_check
+else
+    # Bash
+    PROMPT_COMMAND="_aws_creds_expiration_check; $PROMPT_COMMAND"
+fi