Skip to main content
Join the official 2019 Python Developers SurveyStart the survey!

Generates AWS credentials for roles using STS

Project description

https://img.shields.io/pypi/v/aws_role_credentials.svg https://snap-ci.com/ThoughtWorksInc/aws_role_credentials/branch/master/build_image

Generates AWS credentials for roles using STS and writes them to `~/.aws/credentials`

Usage

Simply pipe a SAML assertion into awssaml

# create credentials from saml assertion
$ oktaauth -u jobloggs | aws_role_credentials saml --profile dev

Or for assuming a role using an IAM user:

# create credentials from an iam user
$ aws_role_credentials user \
  arn:aws:iam::111111:role/dev jobloggs-session \
  --profile dev

For roles that require MFA:

# create credentials from an iam user with mfa
$ aws_role_credentials user \
  arn:aws:iam::111111:role/dev jobloggs-session \
  --profile dev \
  --mfa-serial-number arn:aws:iam::111111:mfa/Jo \
  --mfa-token 102345

Transient mode

`aws_role_credentials` also supports ‘transient’ mode where the credentials are passed to a command as environment variables within the process. This adds an extra layer of safety and convinience.

To use transient mode simply pass a command to the `--exec` option like so:

# run 'aws s3 ls' with the generated role credentials from an iam user
$ aws_role_credentials user \
  arn:aws:iam::111111:role/dev jobloggs-session \
  --exec 'aws s3 ls'

Options

--profile Use a specific profile in your credential file (e.g. Development). Defaults to sts.
--region The region to use. Overrides config/env settings. Defaults to us-east-1.
--exec The command to execute with the AWS credentials

Authors

  • Peter Gillard-Moss

History

0.1.0 (2015-01-11)

  • First release on PyPI.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for aws_role_credentials, version 0.6.3
Filename, size File type Python version Upload date Hashes
Filename, size aws_role_credentials-0.6.3-py2.py3-none-any.whl (9.5 kB) File type Wheel Python version 2.6 Upload date Hashes View hashes
Filename, size aws_role_credentials-0.6.3.tar.gz (19.6 kB) File type Source Python version None Upload date Hashes View hashes

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page