Skip to main content

AWS credential manager

Project description

AWS Credentials

This CLI tool will let you manage AWS IAM Credentials for a user.

The main feature of this tool is the ability to rotate credentials. The process for this is:

  1. delete inactive credentials
  2. create a new set of credentials
  3. using the new set, it will deactivate the old one

This process works because AWS has a maximum limit of two credentials.

Installing

pip install aws-credentials

Usage

boto3 is used to interact with the AWS API, so the standard files can be used to specify the credentials. This includes the ability to use the environment variables

  • AWS_ACCESS_KEY_ID
  • AWS_SECRET_ACCESS_KEY
  • AWS_SESSION_TOKEN

You can also specify these as options on the individual commands.

⇒  aws-credentials --help
usage: aws-credentials [-h]
                       {activate,create,deactivate,delete,list,rotate} ...

Utility for managing AWS access keys.

optional arguments:
  -h, --help            show this help message and exit

Commands:
  {activate,create,deactivate,delete,list,rotate}
    activate            Activate a specific access key.
    create              Create a new access key.
    deactivate          Deactivate a specific access key.
    delete              Delete a specific access key.
    list                List access keys.
    rotate              Rotate AWS credentials.

activate

⇒  aws-credentials activate --help
usage: aws-credentials activate [-h] [-v]
                                [--aws-access-key-id AWS_ACCESS_KEY_ID]
                                [--aws-secret-access-key AWS_SECRET_ACCESS_KEY]
                                [--aws-session-token AWS_SESSION_TOKEN]
                                access_key_id

Activate a specific access key.

positional arguments:
  access_key_id         id of the key to activate.

optional arguments:
  -h, --help            show this help message and exit
  -v, --verbose         Increase the verbosity of messages. "-v" for normal
                        output, and "-vv" for more verbose output.
  --aws-access-key-id AWS_ACCESS_KEY_ID
                        AWS_ACCESS_KEY_ID to use.
  --aws-secret-access-key AWS_SECRET_ACCESS_KEY
                        AWS_SECRET_ACCESS_KEY to use.
  --aws-session-token AWS_SESSION_TOKEN
                        AWS_SESSION_TOKEN to use.

create

⇒  aws-credentials create --help
usage: aws-credentials create [-h] [-v]
                              [--aws-access-key-id AWS_ACCESS_KEY_ID]
                              [--aws-secret-access-key AWS_SECRET_ACCESS_KEY]
                              [--aws-session-token AWS_SESSION_TOKEN]

Create a new access key.

optional arguments:
  -h, --help            show this help message and exit
  -v, --verbose         Increase the verbosity of messages. "-v" for normal
                        output, and "-vv" for more verbose output.
  --aws-access-key-id AWS_ACCESS_KEY_ID
                        AWS_ACCESS_KEY_ID to use.
  --aws-secret-access-key AWS_SECRET_ACCESS_KEY
                        AWS_SECRET_ACCESS_KEY to use.
  --aws-session-token AWS_SESSION_TOKEN
                        AWS_SESSION_TOKEN to use.

deactivate

⇒  aws-credentials deactivate --help
usage: aws-credentials deactivate [-h] [-v]
                                  [--aws-access-key-id AWS_ACCESS_KEY_ID]
                                  [--aws-secret-access-key AWS_SECRET_ACCESS_KEY]
                                  [--aws-session-token AWS_SESSION_TOKEN]
                                  access_key_id

Deactivate a specific access key.

positional arguments:
  access_key_id         id of the key to deactivate.

optional arguments:
  -h, --help            show this help message and exit
  -v, --verbose         Increase the verbosity of messages. "-v" for normal
                        output, and "-vv" for more verbose output.
  --aws-access-key-id AWS_ACCESS_KEY_ID
                        AWS_ACCESS_KEY_ID to use.
  --aws-secret-access-key AWS_SECRET_ACCESS_KEY
                        AWS_SECRET_ACCESS_KEY to use.
  --aws-session-token AWS_SESSION_TOKEN
                        AWS_SESSION_TOKEN to use.

delete

⇒  aws-credentials delete --help
usage: aws-credentials delete [-h] [-v]
                              [--aws-access-key-id AWS_ACCESS_KEY_ID]
                              [--aws-secret-access-key AWS_SECRET_ACCESS_KEY]
                              [--aws-session-token AWS_SESSION_TOKEN]
                              access_key_id

Delete a specific access key.

positional arguments:
  access_key_id         id of the key to delete.

optional arguments:
  -h, --help            show this help message and exit
  -v, --verbose         Increase the verbosity of messages. "-v" for normal
                        output, and "-vv" for more verbose output.
  --aws-access-key-id AWS_ACCESS_KEY_ID
                        AWS_ACCESS_KEY_ID to use.
  --aws-secret-access-key AWS_SECRET_ACCESS_KEY
                        AWS_SECRET_ACCESS_KEY to use.
  --aws-session-token AWS_SESSION_TOKEN
                        AWS_SESSION_TOKEN to use.

list

⇒  aws-credentials list --help
usage: aws-credentials list [-h] [-v] [--aws-access-key-id AWS_ACCESS_KEY_ID]
                            [--aws-secret-access-key AWS_SECRET_ACCESS_KEY]
                            [--aws-session-token AWS_SESSION_TOKEN]

List access keys.

optional arguments:
  -h, --help            show this help message and exit
  -v, --verbose         Increase the verbosity of messages. "-v" for normal
                        output, and "-vv" for more verbose output.
  --aws-access-key-id AWS_ACCESS_KEY_ID
                        AWS_ACCESS_KEY_ID to use.
  --aws-secret-access-key AWS_SECRET_ACCESS_KEY
                        AWS_SECRET_ACCESS_KEY to use.
  --aws-session-token AWS_SESSION_TOKEN
                        AWS_SESSION_TOKEN to use.

rotate

⇒  aws-credentials rotate --help
usage: aws-credentials rotate [-h] [-v]
                              [--aws-access-key-id AWS_ACCESS_KEY_ID]
                              [--aws-secret-access-key AWS_SECRET_ACCESS_KEY]
                              [--aws-session-token AWS_SESSION_TOKEN]

Rotate AWS credentials. This will delete inactive keys before creating the new
key. It will then deactivate the old key.

optional arguments:
  -h, --help            show this help message and exit
  -v, --verbose         Increase the verbosity of messages. "-v" for normal
                        output, and "-vv" for more verbose output.
  --aws-access-key-id AWS_ACCESS_KEY_ID
                        AWS_ACCESS_KEY_ID to use.
  --aws-secret-access-key AWS_SECRET_ACCESS_KEY
                        AWS_SECRET_ACCESS_KEY to use.
  --aws-session-token AWS_SESSION_TOKEN
                        AWS_SESSION_TOKEN to use.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for aws-credentials, version 1.0.0
Filename, size File type Python version Upload date Hashes
Filename, size aws_credentials-1.0.0-py3-none-any.whl (6.8 kB) File type Wheel Python version py3 Upload date Hashes View
Filename, size aws-credentials-1.0.0.tar.gz (6.7 kB) File type Source Python version None Upload date Hashes View

Supported by

Pingdom Pingdom Monitoring Google Google Object Storage and Download Analytics Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page