Execute AWS CLI commands after assuming role
Project description
aws-assume |Build Status| |Maintainability|
==========
Execute AWS CLI commands after assuming role
Prerequisite
------------
- **Python 3.6 or above**
- AWS CLI or equivalent AWS supported CLI
Install
-------
Install using pip
::
$ pip install awsassume
Install using setup script
::
$ python setup.py install
Usage
-----
::
usage: awsassume [-h] -a ROLE_ARN -n ROLE_SESSION_NAME [--no-cache]
[-r REGION] [-c COMMAND [COMMAND ...]]
Execute AWS CLI commands after assuming role
optional arguments:
-h, --help show this help message and exit
--no-cache Disable caching of the assumed role response
-r REGION, --region REGION
The region to be associated with the client
-c COMMAND [COMMAND ...], --command COMMAND [COMMAND ...]
The AWS CLI command to execute after assuming role
required arguments:
-a ROLE_ARN, --role-arn ROLE_ARN
The ARN of the role to assume
-n ROLE_SESSION_NAME, --role-session-name ROLE_SESSION_NAME
An identifier for the assumed role session
Caching
~~~~~~~
By default, the assumed role response will be cached to ``~/.awsassume/cache`` and used until it expires.
The cache will expire one hour after the assume role request is successful.
If caching of the assumed role response is undesirable, use the ``--no-cache`` flag to disable caching of the assumed role response.
Example
^^^^^^^
::
$ awsassume -a arn:aws:iam::0123456789012:role/assume_role_test -n sessionname --no-cache
Region
~~~~~~
The ``-r`` or ``--region`` option can be used to set the ``AWS_DEFAULT_REGION`` environment variable.
Example
^^^^^^^
::
$ awsassume -a arn:aws:iam::0123456789012:role/assume_role_test -n sessionname -r ap-southeast-1
Command
~~~~~~~
The ``-c`` or ``--command`` option can be used to pass the AWS CLI that is to be executed after successfully assuming role.
The command will be executed with the following environment variables set to the credentials returned by the assumed role response.
- ``AWS_ACCESS_KEY_ID``
- ``AWS_SECRET_ACCESS_KEY``
- ``AWS_SESSION_TOKEN``
- ``AWS_DEFAULT_REGION`` (only if the ``-r`` or ``--region`` option is set)
Example
^^^^^^^
::
$ awsassume -a arn:aws:iam::0123456789012:role/assume_role_test -n sessionname -c aws s3 ls
If the ``-c`` or ``--command`` option is omitted, the output of the program can be evaluated to export the following environment variables to the current shell.
- ``AWS_ACCESS_KEY_ID``
- ``AWS_SECRET_ACCESS_KEY``
- ``AWS_SESSION_TOKEN``
- ``AWS_DEFAULT_REGION`` (only if the ``-r`` or ``--region`` option is set)
Example
^^^^^^^
::
$ `awsassume -a arn:aws:iam::0123456789012:role/assume_role_test -n sessionname`
Development
-----------
Clone the repository
::
$ git clone https://github.com/zulhilmizainuddin/aws-assume.git
Create and activate virtual environment
::
$ python -m venv ./venv
$ source ./venv/bin/activate
Install into development environment
::
$ python setup.py develop
Run unit test with pytest
::
$ python setup.py test
Run typing checking with mypy
::
$ mypy awsassume
.. |Build Status| image:: https://travis-ci.org/zulhilmizainuddin/aws-assume.svg?branch=master
:target: https://travis-ci.org/zulhilmizainuddin/aws-assume
.. |Maintainability| image:: https://api.codeclimate.com/v1/badges/cc17f352128d8ce24a9c/maintainability
:target: https://codeclimate.com/github/zulhilmizainuddin/aws-assume/maintainability
==========
Execute AWS CLI commands after assuming role
Prerequisite
------------
- **Python 3.6 or above**
- AWS CLI or equivalent AWS supported CLI
Install
-------
Install using pip
::
$ pip install awsassume
Install using setup script
::
$ python setup.py install
Usage
-----
::
usage: awsassume [-h] -a ROLE_ARN -n ROLE_SESSION_NAME [--no-cache]
[-r REGION] [-c COMMAND [COMMAND ...]]
Execute AWS CLI commands after assuming role
optional arguments:
-h, --help show this help message and exit
--no-cache Disable caching of the assumed role response
-r REGION, --region REGION
The region to be associated with the client
-c COMMAND [COMMAND ...], --command COMMAND [COMMAND ...]
The AWS CLI command to execute after assuming role
required arguments:
-a ROLE_ARN, --role-arn ROLE_ARN
The ARN of the role to assume
-n ROLE_SESSION_NAME, --role-session-name ROLE_SESSION_NAME
An identifier for the assumed role session
Caching
~~~~~~~
By default, the assumed role response will be cached to ``~/.awsassume/cache`` and used until it expires.
The cache will expire one hour after the assume role request is successful.
If caching of the assumed role response is undesirable, use the ``--no-cache`` flag to disable caching of the assumed role response.
Example
^^^^^^^
::
$ awsassume -a arn:aws:iam::0123456789012:role/assume_role_test -n sessionname --no-cache
Region
~~~~~~
The ``-r`` or ``--region`` option can be used to set the ``AWS_DEFAULT_REGION`` environment variable.
Example
^^^^^^^
::
$ awsassume -a arn:aws:iam::0123456789012:role/assume_role_test -n sessionname -r ap-southeast-1
Command
~~~~~~~
The ``-c`` or ``--command`` option can be used to pass the AWS CLI that is to be executed after successfully assuming role.
The command will be executed with the following environment variables set to the credentials returned by the assumed role response.
- ``AWS_ACCESS_KEY_ID``
- ``AWS_SECRET_ACCESS_KEY``
- ``AWS_SESSION_TOKEN``
- ``AWS_DEFAULT_REGION`` (only if the ``-r`` or ``--region`` option is set)
Example
^^^^^^^
::
$ awsassume -a arn:aws:iam::0123456789012:role/assume_role_test -n sessionname -c aws s3 ls
If the ``-c`` or ``--command`` option is omitted, the output of the program can be evaluated to export the following environment variables to the current shell.
- ``AWS_ACCESS_KEY_ID``
- ``AWS_SECRET_ACCESS_KEY``
- ``AWS_SESSION_TOKEN``
- ``AWS_DEFAULT_REGION`` (only if the ``-r`` or ``--region`` option is set)
Example
^^^^^^^
::
$ `awsassume -a arn:aws:iam::0123456789012:role/assume_role_test -n sessionname`
Development
-----------
Clone the repository
::
$ git clone https://github.com/zulhilmizainuddin/aws-assume.git
Create and activate virtual environment
::
$ python -m venv ./venv
$ source ./venv/bin/activate
Install into development environment
::
$ python setup.py develop
Run unit test with pytest
::
$ python setup.py test
Run typing checking with mypy
::
$ mypy awsassume
.. |Build Status| image:: https://travis-ci.org/zulhilmizainuddin/aws-assume.svg?branch=master
:target: https://travis-ci.org/zulhilmizainuddin/aws-assume
.. |Maintainability| image:: https://api.codeclimate.com/v1/badges/cc17f352128d8ce24a9c/maintainability
:target: https://codeclimate.com/github/zulhilmizainuddin/aws-assume/maintainability
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
awsassume-0.1.0.tar.gz
(6.2 kB
view hashes)
Built Distribution
awsassume-0.1.0-py3-none-any.whl
(12.6 kB
view hashes)
Close
Hashes for awsassume-0.1.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | e4382a93e26e5200543ba7b2016079bd2bc81a25f68f7f4d5104de980fb0c184 |
|
MD5 | c2440f958cb21f21a0e6481514b6b4c1 |
|
BLAKE2b-256 | cd8f8053de9373850c81c84c230d6e63dd00958bc49045ce3c8b55a9f50511f5 |