Get temporary credentials for AWS roles.
Project description
awsudo is a command-line tool that requests temporary credentials from STS to use an IAM role.
If MFA is enabled, you’ll be prompted for the token code.
Usage
First, you need to define your credentials in ~/.aws/credentials:
[default]
aws_access_key_id = AKIAIJFLKDSJFKLDSZ2Q
aws_secret_access_key = Eoz3FDKJLSfdsJLKFDjflsFDjklJFDjfdFDjdOKa
Then define your profiles in ~/.aws/config:
[profile administrator@development]
role_arn = arn:aws:iam::00000000002:role/administrator
source_profile = default
mfa_serial = arn:aws:iam::00000000001:mfa/pmuller
[profile administrator@staging]
role_arn = arn:aws:iam::00000000003:role/administrator
source_profile = default
mfa_serial = arn:aws:iam::00000000001:mfa/pmuller
[profile administrator@production]
role_arn = arn:aws:iam::00000000004:role/administrator
source_profile = default
mfa_serial = arn:aws:iam::00000000001:mfa/pmuller
You can use awsudo either to get temporary credentials as ready-to-use environment variables:
$ awsudo administrator@staging
Enter MFA code:
AWS_ACCESS_KEY_ID=ASIAJFSDLKJFS3VLA
AWS_SECRET_ACCESS_KEY=UKvIegRLKJSFLKJFDSLKFJSDLKJ
AWS_SECURITY_TOKEN=FQoDYXdzEHIaDONIt4M0O10zRms0ac2.....
Or to directly run another executable with credentials defined in its environment:
$ awsudo administrator@development aws iam list-groups
Enter MFA code:
{
"Groups": [
{
"Path": "/",
"CreateDate": "2016-08-01T02:13:52Z",
"GroupId": "AGPAILKJFSDLFKJSDLFS2",
"Arn": "arn:aws:iam::1234567890:group/administrators",
"GroupName": "administrators"
},
{
"Path": "/",
"CreateDate": "2016-08-01T02:24:05Z",
"GroupId": "AGPAFSJDKLJFDSLKJFST6",
"Arn": "arn:aws:iam::1234567890:group/users",
"GroupName": "users"
}
]
}
Development
Run tests:
$ make check
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
awsudo-0.1.2.tar.gz
(3.0 kB
view hashes)