From 5385c4e5467340965472e9ef766397ba4a33c7ea Mon Sep 17 00:00:00 2001
From: Pablo Pagani <79593935+pablopagani@users.noreply.github.com>
Date: Sat, 1 May 2021 17:54:11 -0300
Subject: [PATCH] Improved error handling sts get-caller-identity

Instead of looking for a fixed error string, it uses error codes from aws cli
Previos condition was not catching this error message:
An error occurred (ExpiredToken) when calling the GetCallerIdentity operation: The security token included in the request is expired
Also forced the output of the command to json. In some tests I was doing was failing becuase it was sending output as text
---
 include/whoami | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/include/whoami b/include/whoami
index a2fa3ce2..a7c6256e 100644
--- a/include/whoami
+++ b/include/whoami
@@ -29,8 +29,9 @@ case "$REGION" in
   ;;
 esac
 
-GETCALLER=$($AWSCLI sts get-caller-identity $PROFILE_OPT --region $REGION_FOR_STS 2>&1)
-if [[ $(echo "$GETCALLER" | grep 'Unable') ]]; then
+GETCALLER=$($AWSCLI sts get-caller-identity $PROFILE_OPT --output json --region $REGION_FOR_STS 2>&1)
+ret=$?
+if [[ $ret -ne 0 ]]; then
   if [[ $PRINTCHECKSONLY || $PRINTGROUPSONLY ]]; then
     echo Listing... 
   else