A local daemon-backed AWS temporary credential broker, exposed over a Unix socket and controlled via CLI.

Navigation

Verified details

These details have been verified by PyPI
Project links
Owner
GitHub Statistics

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Mozilla Public License 2.0 (MPL 2.0) (MPL-2.0)
  • Author: Mike Letts
  • Maintainer: 61418
  • Tags aws , cli , credentials , refresh , sts
  • Requires: Python >=3.10
Classifiers
Report project as malware

Project description

elhaz



What is elhaz?

elhaz is a local daemon-backed AWS temporary credential broker, exposed over a Unix socket and controlled via CLI.

Instead of a locally hosted HTTP metadata emulation service (ECS), which is less secure and requires multiple processes for each assumed RoleArn, elhaz runs a single process and serves automatically refreshed temporary AWS credentials on demand.

elhaz caches AWS sessions for however long the daemon is kept alive (or sessions are removed by command), which eliminates redundant session creations and STS calls.

Unix-socket IPC is lightweight and gives a tighter local boundary than HTTP, avoids exposing local credential endpoints over TCP, and allows temporary credentials to live in memory rather than at rest on disk.

Crucially, because elhaz uses boto3-refresh-session as its core dependency for refreshing temporary AWS security credentials, which in turn depends on botocore, elhaz supports IAM Identity Center (SSO) using the AWS CLI.

elhaz makes multi-role local AWS workflows cleaner by combining brokered access, in-memory caching, IAM Identity Center (SSO) support, and host-local IPC into one model.

elhaz was authored by Mike Letts and is maintained by 61418.

Installation

With uv:

uv tool install elhaz

With pipx:

pipx install elhaz

Usage

To get started with using elhaz, check the quickstart guide.

To learn critical concepts for using elhaz, check the concepts section of the docs.

For technical details, check the CLI docs.

License

elhaz is licensed by the Mozilla Public License 2.0 (MPL-2.0).

Contributing

Refer to the contributing guidelines.

Project details

Verified details

These details have been verified by PyPI
Project links
Owner
GitHub Statistics

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Mozilla Public License 2.0 (MPL 2.0) (MPL-2.0)
  • Author: Mike Letts
  • Maintainer: 61418
  • Tags aws , cli , credentials , refresh , sts
  • Requires: Python >=3.10
Classifiers

Release history Release notifications | RSS feed

0.5.2

0.5.1

This version

0.5.0

0.4.2

0.4.1

0.4.0

0.3.0

0.2.0

0.1.8

0.1.7

0.1.6

0.1.5

0.1.4

0.1.3 yanked

Reason this release was yanked:

pipx install broken

0.1.2 yanked

Reason this release was yanked:

pipx install broken

0.1.1 yanked

Reason this release was yanked:

pipx install broken

0.1.0a1 pre-release

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

elhaz-0.5.0.tar.gz (132.1 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

elhaz-0.5.0-py3-none-any.whl (39.4 kB view details)

Uploaded Python 3

File details

Details for the file elhaz-0.5.0.tar.gz.

File metadata

  • Download URL: elhaz-0.5.0.tar.gz
  • Upload date:
  • Size: 132.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for elhaz-0.5.0.tar.gz
Algorithm Hash digest
SHA256 8ed441b01c3f00b9c4df6f2d64a140bb7de13f35a08eedf588cbda037a6fb623
MD5 b89a9757da8e496b5da431d7a0164ae3
BLAKE2b-256 c7461f8f7b32a13cf2d7a4dd4e853a58e2e5e8f473853791ab4a20a1bf8c0647

See more details on using hashes here.

Provenance

The following attestation bundles were made for elhaz-0.5.0.tar.gz:

Publisher: push.yml on 61418/elhaz

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file elhaz-0.5.0-py3-none-any.whl.

File metadata

  • Download URL: elhaz-0.5.0-py3-none-any.whl
  • Upload date:
  • Size: 39.4 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.13

File hashes

Hashes for elhaz-0.5.0-py3-none-any.whl
Algorithm Hash digest
SHA256 b6201c62ac4dd9a36f5d97695e538580fa2f89520534732a1847eacac575d9c3
MD5 a6757ea55400397d351e6e2be4e463d2
BLAKE2b-256 9f2ecbcd00ab49984ae5c274f02704c0d9f9a2533da4d9f4be17f20e9d003b32

See more details on using hashes here.

Provenance

The following attestation bundles were made for elhaz-0.5.0-py3-none-any.whl:

Publisher: push.yml on 61418/elhaz

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page