Updates the configured MFA credentials for AWS services.

Project description

auth-aws-profile

Make authenticating your AWS credentials with MFA easier by using a script provided in this repository. Developed using Python 3.12 and Poetry. The authentication process uses the V3 SDK for Python.

Requirements

Python ^3.12.
An AWS credentials file, e.g. ~/.aws/credentials, with one or more sections that contain the following keys.
- aws_access_key_id
- aws_secret_access_key
- aws_session_token
An AWS configuration file, e.g. ~/.aws/config, with one or more [profile *] sections.
- The [profile *] should reference a section from ~/.aws/credentials using source_profile = * and must have the role_arn key as well.

Example

Here's what the script expects your AWS configuration and credentials file to look like.

# ~/.aws/config

[default]
region = <my-aws-region>
output = yaml

[profile my-role]
role_arn = arn:aws:iam::<my-aws-account-number>:role/my-role
source_profile = mfa

# ~/.aws/credentials

[default]
aws_access_key_id = foo
aws_secret_access_key = bar

[mfa]
aws_access_key_id = foo
aws_secret_access_key = bar
aws_session_token = baz

The AWS CLI can still find my-role even if you move it to ~/.aws/credentials as long as it's renamed to [my-role] instead of [profile my-role]. However, this script requires my-role to be in ~/.aws/config and must be passed to the script using the complete profile section name, e.g. profile my-role.

Usage

Install the script from PyPi and verify the version.

pip install auth-aws-profile
auth-aws-profile --version

Here's a simple usage example based on the files mentioned in Example.

auth-aws-profile "profile my-role" "arn:aws:iam::<my-aws-account-number>:mfa/john.doe"

See the help documentation for details.

auth-aws-profile --help

Development

Installation

At least Python 3.12 must be installed.
Poetry is installed. See Installation.
Install the project with Poetry from the root using poetry install.

Installation (Dev Containers)

Docker must be installed.
Install the Dev Containers extension for VS Code or similar.

Project details

Release history Release notifications | RSS feed

This version

0.2.0

Aug 31, 2024

0.1.2

Dec 2, 2021

0.1.1

Dec 2, 2021

0.1.0 yanked

Dec 2, 2021

Reason this release was yanked:

0.1.0 does not have the version option.

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

auth-aws-profile-0.2.0.tar.gz (5.7 kB view hashes)

Uploaded Aug 31, 2024 Source

Built Distribution

auth_aws_profile-0.2.0-py3-none-any.whl (6.1 kB view hashes)

Uploaded Aug 31, 2024 Python 3

Hashes for auth-aws-profile-0.2.0.tar.gz

Hashes for auth-aws-profile-0.2.0.tar.gz
Algorithm	Hash digest
SHA256	`c73d7fbaf25d1f69a5ad7956cc16df489a4783e0154ced05dde3b7bb6fa73328`
MD5	`3a22bb485eb5b0911611b7f03e19b243`
BLAKE2b-256	`b3c884675f110f64651887c0634327076a3c2cc0e9ef1075b536d5c86d9ab4bc`

Hashes for auth_aws_profile-0.2.0-py3-none-any.whl

Hashes for auth_aws_profile-0.2.0-py3-none-any.whl
Algorithm	Hash digest
SHA256	`1784d00b4e447c0145fbd7e9945f40d8afa7d022eae1ecbd6d421ba2aa3a8383`
MD5	`6b1e9e36d68d71d19090d1ad6d71b7b5`
BLAKE2b-256	`6d775be7440c29c846ff838e87d0ab0a6cab6b6d07771050c5fcfeec46820b17`