Check last login mandatory settings now has combined abort

set an error flag and check all settings before exit program
Bug fix for json export with double quotes
2024-02-14 14:46:17 +09:00 · 2023-12-22 13:39:18 +09:00 · 2023-12-22 13:31:33 +09:00
1 changed files with 17 additions and 10 deletions
--- a/bin/check_last_login.sh
+++ b/bin/check_last_login.sh
@@ -27,13 +27,14 @@ LOG="${BASE_FOLDER}/../log";
 # auth log file user;date from collect_login_data script
 AUTH_LOG="${BASE_FOLDER}/../auth-log/user_auth.log";

+error=0;
 if [ $(whoami) != "root" ]; then
 	echo "Script must be run as root user";
-	exit;
+	error=1;
 fi;
 if [ ! -d "${LOG}" ]; then
 	echo "log folder ${LOG} not found";
-	exit;
+	error=1;
 fi;
 if [ -z $(command -v curl) ]; then
 	echo "Missing curl application, aborting";
@@ -43,6 +44,9 @@ if [ -z $(command -v jq) ]; then
 	echo "Missing jq application, aborting";
 	error=1;
 fi;
+if [ $error -eq 1 ]; then
+	exit;
+fi;
 # option 1 in list
 case "${1,,}" in
 	text)
@@ -62,11 +66,14 @@ case "${1,,}" in
 		;;
 esac;

-# collect info via: curl http://instance-data/latest/meta-data/
-instance_id=$(curl -s http://instance-data/latest/meta-data/instance-id)
-account_id=$(curl -s http://instance-data/latest/meta-data/identity-credentials/ec2/info/ | jq -r .AccountId)
-region=$(curl -s http://instance-data/latest/meta-data/placement/region)
-
+# collect info via: curl http://169.254.169.254/latest/meta-data/
+instance_data=$(
+	TOKEN=`curl -s -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600"` &&
+	curl -s -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/dynamic/instance-identity/document
+)
+instance_id=$(echo "${instance_data}" | jq .instanceId)
+account_id=$(echo "${instance_data}" | jq .accountId)
+region=$(echo "${instance_data}" | jq .region)

 if [ "${OUTPUT_TARGET}" = "text" ]; then
 	LOG="${LOG}/check_ssh_user."$(date +"%F_%H%m%S")".log";
@@ -82,9 +89,9 @@ if [ "${OUTPUT_TARGET}" = "text" ]; then
 	echo "Max age no login   : ${max_age_create} days";
 elif [ "${OUTPUT_TARGET}" = "json" ]; then
 	echo '"Info": {'
-	echo '"AccountId": "'${account_id}'",';
-	echo '"Region": "'${region}'",';
-	echo '"InstanceId": "'${instance_id}'",';
+	echo '"AccountId": '${account_id}',';
+	echo '"Region": '${region}',';
+	echo '"InstanceId": '${instance_id}',';
 	echo '"Hostname": "'$(hostname)'",';
 	echo '"Date": "'$(date +"%F %T")'",';
 	echo '"MaxAgeLogin": '${max_age_login}',';
Author	SHA1	Message	Date
Clemens Schwaighofer	70ef7a3fc5	Check last login mandatory settings now has combined abort set an error flag and check all settings before exit program	2024-02-14 14:46:17 +09:00
Clemens Schwaighofer	89252af50b	Bug fix for json export with double quotes	2023-12-22 13:39:18 +09:00
Clemens Schwaighofer	8fb833d3c4	Fix the call for getting instance data Do not use name alias, use the IP address for this	2023-12-22 13:31:33 +09:00