aws-vault

command module

v1.0.0 Latest Latest Go to latest Published: Sep 1, 2015 License: MIT Imports: 5 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/alexrudd/aws-vault

Links

Open Source Insights

README ¶

AWS Vault

Securely store and access credentials for AWS. AWS Vault stores IAM credentials in your operating systems secure keystore and then generates temporary credentials from those to expose to your shell and applications. It's designed to be complementary to the aws cli tools, and is aware of your configuration in ~/.aws/config.

Currently OSX and Keychain are supported, with support for Linux and Windows planned.

Usage


# make use of the default profile
$ aws-vault store
Enter Access Key Id: ABDCDEFDASDASF
Enter Secret Key: %

$ aws-vault exec env | grep AWS
AWS_DEFAULT_PROFILE=default
AWS_ACCESS_KEY_ID=asdasd
AWS_SECRET_ACCESS_KEY=aasdasdasda

# add an extra profile
$ aws-vault store --profile work
Enter Access Key Id: ABDCDEFDASDASF
Enter Secret Key: %

$ aws-vault exec --profile work env | grep AWS
AWS_DEFAULT_PROFILE=work
AWS_ACCESS_KEY_ID=asdasd
AWS_SECRET_ACCESS_KEY=aasdasdasda

Multi-Factor Authentication

First you'll need to setup an MFA token in the AWS Console.

Edit your ~/.aws/config to add the mfa_serial into either the default or a profile

[default]
region=us-east-1
mfa_serial = arn:aws:iam::123456789012:mfa/jonsmith

Test it out:

aws-vault exec aws iam get-user
Enter token code for "arn:aws:iam::123456789012:mfa/jonsmith": %
{
    "User": {
        "UserName": "jonsmith",
        "PasswordLastUsed": "2015-01-08T03:01:24Z",
        "CreateDate": "2011-06-13T23:32:35Z",
        "UserId": "AIDAAS545ABFI3NS",
        "Path": "/",
        "Arn": "arn:aws:iam::123456789012:user/jonsmith"
    }
}

References and Inspiration

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

aws-vault.go

Directories ¶

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL

Path	Synopsis
Godeps
_workspace/src/github.com/99designs/go-osxkeychain
_workspace/src/github.com/aws/aws-sdk-go/aws Package aws provides core functionality for making requests to AWS services.	Package aws provides core functionality for making requests to AWS services.
_workspace/src/github.com/aws/aws-sdk-go/aws/awserr Package awserr represents API error interface accessors for the SDK.	Package awserr represents API error interface accessors for the SDK.
_workspace/src/github.com/aws/aws-sdk-go/aws/awsutil
_workspace/src/github.com/aws/aws-sdk-go/aws/credentials Package credentials provides credential retrieval and management The Credentials is the primary method of getting access to and managing credentials Values.	Package credentials provides credential retrieval and management The Credentials is the primary method of getting access to and managing credentials Values.
_workspace/src/github.com/aws/aws-sdk-go/aws/credentials/stscreds Package stscreds are credential Providers to retrieve STS AWS credentials.	Package stscreds are credential Providers to retrieve STS AWS credentials.
_workspace/src/github.com/aws/aws-sdk-go/internal/endpoints Package endpoints validates regional endpoints for services.	Package endpoints validates regional endpoints for services.
_workspace/src/github.com/aws/aws-sdk-go/internal/protocol/query Package query provides serialisation of AWS query requests, and responses.	Package query provides serialisation of AWS query requests, and responses.
_workspace/src/github.com/aws/aws-sdk-go/internal/protocol/query/queryutil
_workspace/src/github.com/aws/aws-sdk-go/internal/protocol/rest Package rest provides RESTful serialisation of AWS requests and responses.	Package rest provides RESTful serialisation of AWS requests and responses.
_workspace/src/github.com/aws/aws-sdk-go/internal/protocol/xml/xmlutil Package xmlutil provides XML serialisation of AWS requests and responses.	Package xmlutil provides XML serialisation of AWS requests and responses.
_workspace/src/github.com/aws/aws-sdk-go/internal/signer/v4 Package v4 implements signing for AWS V4 signer	Package v4 implements signing for AWS V4 signer
_workspace/src/github.com/aws/aws-sdk-go/service/sts Package sts provides a client for AWS Security Token Service.	Package sts provides a client for AWS Security Token Service.
_workspace/src/github.com/aws/aws-sdk-go/service/sts/stsiface Package stsiface provides an interface for the AWS Security Token Service.	Package stsiface provides an interface for the AWS Security Token Service.
_workspace/src/github.com/mitchellh/cli
_workspace/src/github.com/vaughan0/go-ini Package ini provides functions for parsing INI configuration files.	Package ini provides functions for parsing INI configuration files.
_workspace/src/golang.org/x/crypto/ssh/terminal Package terminal provides support functions for dealing with terminals, as commonly found on UNIX systems.	Package terminal provides support functions for dealing with terminals, as commonly found on UNIX systems.
command
keyring
vault