Skip to content

simonbrady/aws-identity

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

23 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

aws-identity

A simple command-line tool to manage temporary STS credentials, written using the AWS SDK for Go. When run without options it will use GetCallerIdentity to display the current user identity. It can also get temporary credentials and inject them into a new shell process as CLI environment variables.

To see a full list of command-line options, use the -h or --help flag.

Installation

First, install Go. Then you can download and build with this one command:

go install github.com/simonbrady/aws-identity@latest

This will also download all required dependencies, and create the binary in your $GOBIN directory ($HOME/go/bin if you haven't explicitly set it).

Use cases

Assume a named role in the same account

Get the account for the current user identity (which could be set through a named profile) then use AssumeRole to assume a named role in that account. Takes an optional MFA token code if the trust condition for assuming the role requires MFA.

aws-identity -r <role-name> [-t <token-code>]

e.g.

$ aws-identity -r admin -t 123456
Spawning /bin/bash for role arn:aws:iam::111122223333:role/admin

Assume a named cross-account role

As above but takes the target account number to assume the role in.

aws-identity -a <account> -r <role-name> [-t <token-code>]

e.g.

$ aws-identity -a 444455556666 -r admin -t 234567
Spawning /bin/bash for role arn:aws:iam::444455556666:role/admin

Authenticate the current user with MFA

Rather than assuming a new role identity, use GetSessionToken to generate temporary credentials for the current identity but with MFA.

aws-identity -t <token-code>

e.g.

$ aws-identity -t 345678
Spawning /bin/bash for user arn:aws:iam::111122223333:user/jrh

This is useful for tools like the Terraform AWS provider that can assume roles but don't prompt for an MFA token.

About

Command-line tool to manage STS credentials

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages