Skip to main content

Get temporary credentials for AWS roles.

Project description

awsudo is a command-line tool that requests temporary credentials from STS to use an IAM role.

If MFA is enabled, you’ll be prompted for the token code.

Usage

First, you need to define your credentials in ~/.aws/credentials:

[default]
aws_access_key_id = AKIAIJFLKDSJFKLDSZ2Q
aws_secret_access_key = Eoz3FDKJLSfdsJLKFDjflsFDjklJFDjfdFDjdOKa

Then define your profiles in ~/.aws/config:

[profile administrator@development]
role_arn = arn:aws:iam::00000000002:role/administrator
source_profile = default
mfa_serial = arn:aws:iam::00000000001:mfa/pmuller

[profile administrator@staging]
role_arn = arn:aws:iam::00000000003:role/administrator
source_profile = default
mfa_serial = arn:aws:iam::00000000001:mfa/pmuller

[profile administrator@production]
role_arn = arn:aws:iam::00000000004:role/administrator
source_profile = default
mfa_serial = arn:aws:iam::00000000001:mfa/pmuller

You can use awsudo either to get temporary credentials as ready-to-use environment variables:

$ awsudo administrator@staging
Enter MFA code:
AWS_ACCESS_KEY_ID=ASIAJFSDLKJFS3VLA
AWS_SECRET_ACCESS_KEY=UKvIegRLKJSFLKJFDSLKFJSDLKJ
AWS_SESSION_TOKEN=FQoDYXdzEHIaDONIt4M0O10zRms0ac2.....

Or to directly run another executable with credentials defined in its environment:

$ awsudo administrator@development aws iam list-groups
Enter MFA code:
{
    "Groups": [
        {
            "Path": "/",
            "CreateDate": "2016-08-01T02:13:52Z",
            "GroupId": "AGPAILKJFSDLFKJSDLFS2",
            "Arn": "arn:aws:iam::1234567890:group/administrators",
            "GroupName": "administrators"
        },
        {
            "Path": "/",
            "CreateDate": "2016-08-01T02:24:05Z",
            "GroupId": "AGPAFSJDKLJFDSLKJFST6",
            "Arn": "arn:aws:iam::1234567890:group/users",
            "GroupName": "users"
        }
    ]
}

Development

Run tests:

$ make check

Project details


Release history Release notifications

This version
History Node

0.2.0

History Node

0.1.2

History Node

0.1.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
awsudo-0.2.0.tar.gz (3.3 kB) Copy SHA256 hash SHA256 Source None Aug 4, 2016

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging CloudAMQP CloudAMQP RabbitMQ AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page