awsctl

module

v0.5.2 Latest Latest Go to latest Published: Sep 1, 2020 License: MIT

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/outlawlabs/awsctl

Links

Open Source Insights

README ¶

awsctl

CLI based tool to help manage AWS profiles for account enabled with MFA.

Purpose

One main problem that teams face when enforcing MFA device authentication while working with AWS CLI profiles is there are no official stream-lined tool, or tools, to manage your temporary credential sessions easily.

Instead of piecing together some bash, or shell, script to manage and do the magic behind the scenes to authenticate with your credentials, then get the new temporary credentials and save them to your existing file, create a new config/credentials file, or however you might your flow look. This tool is designed to be a single binary that will enable you to create, list, authenticate and generally manage your AWS profiles.

As a side note -- to understand the general flow of how to do this natively with the AWS CLI check out this AWS support article.

Install

To install awsctl checkout the releases page to find the latest download for your operating system.

Usage

To get started with awsctl you will need to ensure you have an AWS IAM account already setup with an MFA device. For more information about checking your MFA status checkout the AWS docs.

New Profile

To create a new MFA profile with awsctl you simply grab your access key credentials from your account, as well as your Assigned MFA device.

You will need to use these when you generate a new AWS profile with awsctl.

Example interactive creation process --

$ awsctl new example
[?]  Enter the AWS region you want to save:
us-east-1
[?]  Enter your MFA serial number for your IAM user:
arn:aws:iam::123456789012:mfa/cowboy
[?]  Enter your generated access key ID:
********************
[?]  Enter your generated secret access key:
****************************************

[ℹ]  Working on your new AWS profile: example
[✔]  Successfully saved new config and credentials for profile: example.
[✈]  Start using your new profile: awsctl auth --help

Authenticate

When you need to authenticate and create a new temporary session for our AWS CLI interactions. We leverage the streamlined functionality in awsctl new command.

Example authentication process --

$ awsctl auth --profile cowboy --duration 129000 --token 639959
[ℹ]  Attempting to authenticate with credentials for profile: cowboy.
[✔]  Successfully created a MFA authenticated session for profile: cowboy.
[✈]  Activate your MFA profile: export AWS_PROFILE=cowboy_mfa

List Profiles

When you want to see what AWS profiles you have on your local machine already you can utilize the command awsctl list command.

Example listing of profiles --

$ awsctl list
+--------------------+--------------------------------------+-----------+
|     PROFILE        |        MFA DEVICE SERIAL ARN         |  REGION   |
+--------------------+--------------------------------------+-----------+
| profile cowboy     | arn:aws:iam::123456789012:mfa/cowboy | us-east-1 |
| profile cowboy_mfa |                                      | us-east-1 |
+--------------------+--------------------------------------+-----------+

Directories ¶

Path	Synopsis
cmd
awsctl
pkg
aws
logger

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL