Skip to main content

Unified CLI tool for streamlined AWS operations

Project description

aws fusion

Unified CLI tool for streamlined AWS operations, enhancing developer productivity

Tag Publish

Installation

Install via pip install

pip install aws-fusion

Command line tool

To invoke the cli, there are 2 option

  1. Directly use aws-fusion command
  2. Use it via aws cli alias with aws fusion

Commands


Usage of init

Try aws-fusion init --help for detailed parameter

Initilize fusion app with creation of aws fusion alias


Usage of open-browser

Try aws-fusion open-browser --help for detailed parameter

  • Make AWS credentials available via aws profile
  • Execute the script: aws-fusion open-browser --profile my-profile
  • :tada: Your browser opens, and you are signed in into the AWS console

Use cases

This only works with assume-role and federated-login, doesn't work with IAM user or user session.

IAM assume role

Profiles that use IAM roles pull credentials from another profile, and then apply IAM role permissions.

In the following examples, iam-user is the source profile for credentials and iam-assume-role borrows the same credentials then assumes a new role.

Credentials file

[profile iam-user]
aws_access_key_id=AKIAIOSFODNN7EXAMPLE
aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY

Config file

[profile iam-user]
region = us-east-1
output = json

[profile iam-assume-role]
source_profile = iam-user
role_arn = arn:aws:iam::777788889999:role/user-role
role_session_name = my-session
region = ap-south-1
output = json

Federated login

Using IAM Identity Center, you can log in to Active Directory, a built-in IAM Identity Center directory, or another IdP connected to IAM Identity Center. You can map these credentials to an AWS Identity and Access Management (IAM) role for you to run AWS CLI commands.

In the following examples, using aws-sso profile assumes sso-read-only-role on 111122223333 account.

Config file

[profile aws-sso]
sso_session = my-sso-session
sso_account_id = 111122223333
sso_role_name = sso-read-only-role
role_session_name = my-session
region = us-east-1
output = json

[sso-session my-sso-session]
sso_region = us-east-2
sso_start_url = https://my-sso-portal.awsapps.com/start
sso_registration_scopes = sso:account:access

Refer

The docs


Usage of store-iam-user-credentials

Try aws-fusion store-iam-user-credentials --help for detailed parameter

Store AWS credentials in system default credential store

Use cases

To store IAM user credential in the system credential store for best security rather than plain text ~/.aws/credentials file.

Manually the save the credential in the store using

aws-fusion store-iam-user-credentials \
    --access-key 'AKIAIOSFODNN7EXAMPLE' \
    --secret-key 'wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY' \
    --account-id '123456789012' \
    --username 'my-iam-user'

Usage of get-iam-user-credentials

Try aws-fusion get-iam-user-credentials --help for detailed parameter

Retrieve AWS credentials from system default credential store. Optionally plug the CLI to aws external credential process.

Use cases

Configure aws config file to use credential process

Config file

[profile iam-user]
region = us-east-1
output = json
credential_process = aws-fusion get-iam-user-credentials --account-id 123456789012 --username 'my-iam-user' --access-key 'AKIAIOSFODNN7EXAMPLE' --credential-process

Refer

The docs


Usage of generate-okta-device-auth-credentials

Try aws-fusion generate-okta-device-auth-credentials --help for detailed parameter

Simplifies the process of obtaining AWS session credentials using SAML assertion from Okta device authentication

Use cases

Configure aws config file to use credential process

Config file

[profile iam-user]
region = us-east-1
output = json
credential_process = aws-fusion generate-okta-device-auth-credentials --org-domain my.okta.com --oidc-client-id 0pbs4fq1q2vbGoFkC1m7 --aws-acct-fed-app-id 0oa8z9xa8BS9b2AFb1t7 --aws-iam-role arn:aws:iam::123456789012:role/PowerUsers --credential-process

License

This project is licensed under the MIT License - see the LICENSE file for details.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

aws-fusion-1.4.tar.gz (12.2 kB view details)

Uploaded Source

Built Distribution

aws_fusion-1.4-py3-none-any.whl (13.8 kB view details)

Uploaded Python 3

File details

Details for the file aws-fusion-1.4.tar.gz.

File metadata

  • Download URL: aws-fusion-1.4.tar.gz
  • Upload date:
  • Size: 12.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/4.0.2 CPython/3.11.6

File hashes

Hashes for aws-fusion-1.4.tar.gz
Algorithm Hash digest
SHA256 16d60e2f3dd69babc2e5706b3d692561a6dc81a42695b5a8c223f4d047d30d9a
MD5 9a35b60b528c4de485ca75a81a9db184
BLAKE2b-256 f50ab8371948db79b25c8b418312973d48a2af1fe69c66cc16fb9f8007236943

See more details on using hashes here.

Provenance

File details

Details for the file aws_fusion-1.4-py3-none-any.whl.

File metadata

  • Download URL: aws_fusion-1.4-py3-none-any.whl
  • Upload date:
  • Size: 13.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/4.0.2 CPython/3.11.6

File hashes

Hashes for aws_fusion-1.4-py3-none-any.whl
Algorithm Hash digest
SHA256 7e8cd8a71e10e1836018fd76ed49c617dac462adf4d89417731bc9b4e72918bf
MD5 68cc10bdf164d8bb1c0f456306aaf8ec
BLAKE2b-256 c1ea42cc84e3b0fbbabc7f3d77230e111b99c21d1ae108c0b50789f95f1ca51f

See more details on using hashes here.

Provenance

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page