A tool to create/refresh a backwards-compatible AWS profile with temporary credentials from a new-style AWS SSO profile.
Project description
refresh-legacy-aws-sso-profile: Backwards-compatible AWS SSO login using new-stile SSO profiles
A simple tool to refresh backwards-compatible AWS profiles using temporary credentials derived from newer SSO profiles.
Table of contents
- Introduction
- Installation
- Usage
- Known issues and limitations
- Getting help
- Contributing
- License
- Authors and history
Introduction
Installation
Prerequisites
Python: Python 3.10+ is required. See your OS documentation for instructions.
From PyPi
The current released version of refresh-legacy-aws-sso-profile can be installed with:
pip3 install refresh-legacy-aws-profile
From GitHub
PDM is required; it can be installed with:
curl -sSL https://pdm-project.org/install-pdm.py | python3 -
Clone the repository and install refresh-legacy-aws-sso-profile into a private virtualenv with:
cd <parent-folder>
git clone https://github.com/mckelvie-org/py-refresh-legacy-aws-sso-profile.git
cd py-refresh-legacy-aws-sso-profile
pdm install
You can then launch a bash shell with the virtualenv activated using:
pdm run bash
Usage
usage: refresh-legacy-aws-sso-profile [-h] [-p PROFILE] [-o OUTPUT_PROFILE] [-c CONFIG] [-l {DEBUG,INFO,WARNING,ERROR,CRITICAL}]
Update legacy AWS SSO profile with temporary creds from new AWS SSO profile. A simple command-line utility that reads temporary AWS credentials from a profile (which may be a newer SSO-based profile) and writes them to a different AWSprofile that can be used by tools that do not yet support the new SSO model. Since the
derived credentials are temporary, they will eventually expire (typically 12 hours SSO refresh). After refreshing SSO credentials, you can run this utility again to update the legacy profile. By default, this utility directly manipulates the ~/.aws/credentials file. An attempt is made to preserve the file's round-trip
integrity.
options:
-h, --help show this help message and exit
-p PROFILE, --profile PROFILE
The input SSO-based AWS profile to use. Defaults to $AWS_PROFILE, or 'default'.
-o OUTPUT_PROFILE, --output-profile OUTPUT_PROFILE
The output AWS profile to update with temporary credentials. Defaults to '<input-profile-name>-legacy-sso'.
-c CONFIG, --config CONFIG
The AWS Configuration file in which to placer the credentials. Defaults to ~/.aws/credentials.
-l {DEBUG,INFO,WARNING,ERROR,CRITICAL}, --log-level {DEBUG,INFO,WARNING,ERROR,CRITICAL}
Set the logging level. Default is 'WARNING'.```
Known issues and limitations
TBD.
Getting help
Please report any problems/issues here.
Contributing
Pull requests welcome.
License
refresh-legacy-aws-sso-profile is distributed under the terms of the MIT License. The license applies to this file and other files in the GitHub repository hosting this file.
Authors and history
The author of refresh-legacy-aws-sso-profile is Sam McKelvie.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for refresh_legacy_aws_sso_profile-0.5.0.tar.gz
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 37367acf9a2e7a107f94a212fc8dac519308b44b0c64bbc79a63be8ca27941e0 |
|
| MD5 | 80a1ae6f2f5d4b6e669fd11ee23e406d |
|
| BLAKE2b-256 | e2a0d7576b555db92901460035437faf2e3b823e0860a0d54cd79dd09519be09 |
Hashes for refresh_legacy_aws_sso_profile-0.5.0-py3-none-any.whl
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 574761ce628702e15428d2846de76ee17f0b204c8ef8c51183e7c7f584262050 |
|
| MD5 | 50daaa8967c18f41ed4686f3a35efb2a |
|
| BLAKE2b-256 | 85746f8b45ab13e616ea2dc7e823a6a618cc5cd67f24bb1ef2c7f66ba57b6afc |
