bmx

package module
v0.0.0-...-dc8a8ef Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 1, 2023 License: Apache-2.0 Imports: 14 Imported by: 0

README

This repository is now deprecated, and no longer maintained. It is recommended to look at the upstream project: (https://github.com/Brightspace/bmx/). Please see https://github.com/rtkwlf/bmx/issues/57.

BMX

BMX grants you API access to your AWS accounts, based on Okta credentials that you already own.
It uses your Okta identity to create short-term AWS STS tokens, as an alternative to long-term IAM access keys. BMX manages your STS tokens with the following commands:

  1. bmx print writes your short-term tokens to stdout as AWS environment variables. You can execute bmx print's output to make the environment variables available to your shell.
  2. bmx write writes your short-term tokens to ~/.aws/credentials.

BMX prints detailed usage information when you run bmx -h or bmx <cmd> -h.

BMX was developed by D2L (Brightspace/bmx), and modifications have been made to the project by Arctic Wolf.

Features

  1. BMX is multi-platform: it runs on Linux, Windows, and Mac.
  2. BMX maintains your Okta session for 12 hours: you enter your Okta password once a day, and BMX takes care of the rest.
  3. Project scoped configurations
  4. BMX supports Web and SMS MFA.

Installation

Available versions of BMX are available on the releases page.

Getting Started

To authenticate and obtain a session via the command line, run the following:

bmx login

This will prompt you for your Okta organization and credentials. When you have successfully connected, you can run the following to get a set of IAM STS credentials for use with the AWS API:

bmx print

The command will print a series of environment set commands, that can be used to set the environment variables of the current shell session:

export AWS_SESSION_TOKEN=...
export AWS_ACCESS_KEY_ID=...
export AWS_SECRET_ACCESS_KEY=...

# Run AWSCLI using environment variables for credentials
aws sts get-caller-identity

If you'd like to learn about the ways BMX assists with authenticating to AWS, you can review in the getting started documentation.

Versioning

BMX is maintained under the Semantic Versioning guidelines.

Getting Involved

See CONTRIBUTING.md for guidelines.

Documentation

Index

Constants

View Source 
const (
	Bash       = "bash"
	Powershell = "powershell"
	Json       = "json"
)

Variables

This section is empty.

Functions

func CredentialProcess 

func CredentialProcess(idProvider identityProviders.IdentityProvider, awsProvider serviceProviders.ServiceProvider, consolerw console.ConsoleReader, printOptions CredentialProcessCmdOptions) string

func FindAppByLabel 

func FindAppByLabel(name string, applinks []okta.OktaAppLink) (result okta.OktaAppLink, ok bool)

func GetUserInfoFromCredentialProcessCmdOptions 

func GetUserInfoFromCredentialProcessCmdOptions(printOptions CredentialProcessCmdOptions) serviceProviders.UserInfo

func GetUserInfoFromLoginCmdOptions 

func GetUserInfoFromLoginCmdOptions(loginOptions LoginCmdOptions) serviceProviders.UserInfo

func GetUserInfoFromPrintCmdOptions 

func GetUserInfoFromPrintCmdOptions(printOptions PrintCmdOptions) serviceProviders.UserInfo

func GetUserInfoFromWriteCmdOptions 

func GetUserInfoFromWriteCmdOptions(writeOptions WriteCmdOptions) serviceProviders.UserInfo

func Login 

func Login(idProvider *okta.OktaClient, consolerw console.ConsoleReader, loginOptions LoginCmdOptions) string

func Logout 

func Logout(idProvider *okta.OktaClient)

func Print 

func Print(idProvider identityProviders.IdentityProvider, awsProvider serviceProviders.ServiceProvider, consolerw console.ConsoleReader, printOptions PrintCmdOptions) string

func Write 

func Write(idProvider identityProviders.IdentityProvider, awsProvider serviceProviders.ServiceProvider, consolerw console.ConsoleReader, writeOptions WriteCmdOptions)

Types

type CredentialProcessCmdOptions 

type CredentialProcessCmdOptions struct {
	Org      string
	User     string
	Account  string
	NoMask   bool
	Password string
	Role     string
	Output   string
	Factor   string
}

type CredentialProcessResult 

type CredentialProcessResult struct {
	Version         int
	AccessKeyId     string
	SecretAccessKey string
	SessionToken    string
	Expiration      time.Time
}

type LoginCmdOptions 

type LoginCmdOptions struct {
	Org      string
	User     string
	Account  string
	NoMask   bool
	Password string
	Role     string
	Factor   string
}

type LogoutCmdOptions 

type LogoutCmdOptions struct {
	Org string
}

type PrintCmdOptions 

type PrintCmdOptions struct {
	Org        string
	User       string
	Account    string
	NoMask     bool
	Password   string
	Role       string
	Output     string
	AssumeRole string
	Factor     string
}

type WriteCmdOptions 

type WriteCmdOptions struct {
	Org      string
	User     string
	Account  string
	NoMask   bool
	Password string
	Profile  string
	Output   string
	Role     string
	Factor   string
}

Source Files

View all Source files

Directories

Path Synopsis
cmd
bmx
internal
andybrewer/mack
Mack is a Golang wrapper for AppleScript.
 Mack is a Golang wrapper for AppleScript.
saml
identityProviders
identityProviders/okta
identityProviders/okta/file
identityProviders/okta/mocks
serviceProviders
serviceProviders/aws
serviceProviders/aws/mocks

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.