aws-mfa-secure 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,4 @@
1
+ ## Examples
2
+
3
+ aws-mfa-secure session --version
4
+ aws-mfa-secure session s3 ls
@@ -0,0 +1,17 @@
1
+ Quick way to clean up AWS_* env variables.
2
+
3
+ ## Example
4
+
5
+ aws-mfa-secure unsets
6
+
7
+ ## Example with Output
8
+
9
+ $ aws-mfa-secure unsets # generates script
10
+ unset AWS_ACCESS_KEY_ID
11
+ unset AWS_SECRET_ACCESS_KEY
12
+ unset AWS_SESSION_TOKEN
13
+ $
14
+
15
+ Eval example:
16
+
17
+ $ eval `aws-mfa-secure unsets` # to unset
@@ -0,0 +1,26 @@
1
+ module AwsMfaSecure
2
+ class Session < Base
3
+ def initialize(options={}, *argv)
4
+ @options = options
5
+ @argv = ["aws"] + argv
6
+ @aws_profile = aws_profile
7
+ end
8
+
9
+ def run
10
+ unless iam_mfa?
11
+ exec(*@argv) # will never get pass this point if there's no mfa_serial setting
12
+ end
13
+
14
+ if fetch_creds?
15
+ resp = get_session_token(shell: true)
16
+ save_creds(resp.credentials.to_h)
17
+ end
18
+
19
+ # Set AWS_ values unless alredy set
20
+ ENV['AWS_ACCESS_KEY_ID'] ||= credentials["access_key_id"]
21
+ ENV['AWS_SECRET_ACCESS_KEY'] ||= credentials["secret_access_key"]
22
+ ENV['AWS_SESSION_TOKEN'] ||= credentials["session_token"]
23
+ exec(*@argv)
24
+ end
25
+ end
26
+ end
@@ -0,0 +1,19 @@
1
+ module AwsMfaSecure
2
+ class Unsets < Base
3
+ def initialize(options={})
4
+ @options = options
5
+ end
6
+
7
+ def run
8
+ puts script
9
+ end
10
+
11
+ def script
12
+ <<~EOL
13
+ unset AWS_ACCESS_KEY_ID
14
+ unset AWS_SECRET_ACCESS_KEY
15
+ unset AWS_SESSION_TOKEN
16
+ EOL
17
+ end
18
+ end
19
+ end
@@ -0,0 +1,3 @@
1
+ module AwsMfaSecure
2
+ VERSION = "0.1.0"
3
+ end
@@ -0,0 +1,6 @@
1
+ {
2
+ "access_key_id": "ASIAXZ6ODJLQ2EXAMPLE",
3
+ "secret_access_key": "rRXp77aa5AGaBhn/2ui4dwouwrWQpDh+8EXAMPLE",
4
+ "session_token": "IQoJb3JpZ2luX2VjEKr//////////wEaCXVzLWVhc3QtMSJIMEYCIQD7bDfaUQ4thxeetSLYSAiN1RTvHL0CbCR2wWA/hzyBUQIhAIkyZ51C2LOc9QgJ8Icp1D73MyctiuyAl5Ksapk9MIk0KrIBCMP//////////wEQARoMNTM2NzY2MjcwMTc3IgxnlOoRS1HMP1wVWKUqhgGZ5eYSTxfxcDCLXdu6aaE+FgyhoLoZ+K5lvSEXe/GFWhudXE+jIHCRPJCzDmcBfbAey/r3Mm+S9hQ4TUz9B3gm5/tS9Z7hcbDht2wmDdrCNVQ64Ssm2S0/J2ReTenfShaoqFgbDa4BYnblD2NW1BiLQdvsuwMoJKMdkRCG0wRptcZFy0cVnDCS+ZvuBTrdAT6UKjf/SFGcpQqx+qWKPtoATzNeyJXlGpH/RGHq42S9Ilb0ATKpfsS00+I2gAnFcSsX+yq6nvBq5pNmSIZl4OXrN+vcJhHESOJgfYH02Xe/wLW8NAuA6fJVJsPPvQ2wwJcB8xfxTBI1VgCQNtGeQsHfUDhIjO26GGZsgh7Vlz8TB0pnkarkovsc8TWUOevF2BafYjGoIq18kDsGE7r2FqumCab8a5wD95Jdi7KxRdtDMeJb4fDqSuApB0WbmKuCT/YlbVJjQ98YiftsjRr6D7fZDk5u/00abEXAMPLE",
5
+ "expiration": "2019-11-10T05:51:14Z"
6
+ }
@@ -0,0 +1,18 @@
1
+ describe AwsMfaSecure::CLI do
2
+ describe "aws-mfa-secure" do
3
+ it "exports" do
4
+ out = execute("exe/aws-mfa-secure exports")
5
+ expect(out).to include("AWS_ACCESS_KEY_ID")
6
+ end
7
+
8
+ it "unsets" do
9
+ out = execute("exe/aws-mfa-secure unsets")
10
+ expect(out).to include("AWS_ACCESS_KEY_ID")
11
+ end
12
+
13
+ it "session" do
14
+ out = execute("exe/aws-mfa-secure session --version 2>&1")
15
+ expect(out).to include("aws-cli")
16
+ end
17
+ end
18
+ end
@@ -0,0 +1,20 @@
1
+ AwsMfaSecure::Base # autoload
2
+ module AwsMfaSecure
3
+ class Base
4
+ def session_creds_path
5
+ "#{Dir.pwd}/spec/fixtures/aws-mfa-secure-sessions/fake_credentials"
6
+ end
7
+
8
+ def fetch_creds?
9
+ false
10
+ end
11
+
12
+ def iam_mfa?
13
+ true
14
+ end
15
+
16
+ def aws_configure_get(*)
17
+ "fake"
18
+ end
19
+ end
20
+ end
@@ -0,0 +1,29 @@
1
+ ENV["AWS_MFA_SECURE_TEST"] = "1"
2
+
3
+ # CodeClimate test coverage: https://docs.codeclimate.com/docs/configuring-test-coverage
4
+ # require 'simplecov'
5
+ # SimpleCov.start
6
+
7
+ require "pp"
8
+ require "byebug"
9
+ root = File.expand_path("../", File.dirname(__FILE__))
10
+ require "#{root}/lib/aws-mfa-secure"
11
+
12
+ module Helper
13
+ def execute(cmd)
14
+ puts "Running: #{cmd}" if show_command?
15
+ out = `#{cmd}`
16
+ puts out if show_command?
17
+ out
18
+ end
19
+
20
+ # Added SHOW_COMMAND because DEBUG is also used by other libraries like
21
+ # bundler and it shows its internal debugging logging also.
22
+ def show_command?
23
+ ENV['DEBUG'] || ENV['SHOW_COMMAND']
24
+ end
25
+ end
26
+
27
+ RSpec.configure do |c|
28
+ c.include Helper
29
+ end
metadata ADDED
@@ -0,0 +1,239 @@
1
+ --- !ruby/object:Gem::Specification
2
+ name: aws-mfa-secure
3
+ version: !ruby/object:Gem::Version
4
+ version: 0.1.0
5
+ platform: ruby
6
+ authors:
7
+ - Tung Nguyen
8
+ autorequire:
9
+ bindir: exe
10
+ cert_chain: []
11
+ date: 2019-11-09 00:00:00.000000000 Z
12
+ dependencies:
13
+ - !ruby/object:Gem::Dependency
14
+ name: activesupport
15
+ requirement: !ruby/object:Gem::Requirement
16
+ requirements:
17
+ - - ">="
18
+ - !ruby/object:Gem::Version
19
+ version: '0'
20
+ type: :runtime
21
+ prerelease: false
22
+ version_requirements: !ruby/object:Gem::Requirement
23
+ requirements:
24
+ - - ">="
25
+ - !ruby/object:Gem::Version
26
+ version: '0'
27
+ - !ruby/object:Gem::Dependency
28
+ name: aws-sdk-core
29
+ requirement: !ruby/object:Gem::Requirement
30
+ requirements:
31
+ - - ">="
32
+ - !ruby/object:Gem::Version
33
+ version: '0'
34
+ type: :runtime
35
+ prerelease: false
36
+ version_requirements: !ruby/object:Gem::Requirement
37
+ requirements:
38
+ - - ">="
39
+ - !ruby/object:Gem::Version
40
+ version: '0'
41
+ - !ruby/object:Gem::Dependency
42
+ name: memoist
43
+ requirement: !ruby/object:Gem::Requirement
44
+ requirements:
45
+ - - ">="
46
+ - !ruby/object:Gem::Version
47
+ version: '0'
48
+ type: :runtime
49
+ prerelease: false
50
+ version_requirements: !ruby/object:Gem::Requirement
51
+ requirements:
52
+ - - ">="
53
+ - !ruby/object:Gem::Version
54
+ version: '0'
55
+ - !ruby/object:Gem::Dependency
56
+ name: rainbow
57
+ requirement: !ruby/object:Gem::Requirement
58
+ requirements:
59
+ - - ">="
60
+ - !ruby/object:Gem::Version
61
+ version: '0'
62
+ type: :runtime
63
+ prerelease: false
64
+ version_requirements: !ruby/object:Gem::Requirement
65
+ requirements:
66
+ - - ">="
67
+ - !ruby/object:Gem::Version
68
+ version: '0'
69
+ - !ruby/object:Gem::Dependency
70
+ name: thor
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - ">="
74
+ - !ruby/object:Gem::Version
75
+ version: '0'
76
+ type: :runtime
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - ">="
81
+ - !ruby/object:Gem::Version
82
+ version: '0'
83
+ - !ruby/object:Gem::Dependency
84
+ name: zeitwerk
85
+ requirement: !ruby/object:Gem::Requirement
86
+ requirements:
87
+ - - ">="
88
+ - !ruby/object:Gem::Version
89
+ version: '0'
90
+ type: :runtime
91
+ prerelease: false
92
+ version_requirements: !ruby/object:Gem::Requirement
93
+ requirements:
94
+ - - ">="
95
+ - !ruby/object:Gem::Version
96
+ version: '0'
97
+ - !ruby/object:Gem::Dependency
98
+ name: bundler
99
+ requirement: !ruby/object:Gem::Requirement
100
+ requirements:
101
+ - - ">="
102
+ - !ruby/object:Gem::Version
103
+ version: '0'
104
+ type: :development
105
+ prerelease: false
106
+ version_requirements: !ruby/object:Gem::Requirement
107
+ requirements:
108
+ - - ">="
109
+ - !ruby/object:Gem::Version
110
+ version: '0'
111
+ - !ruby/object:Gem::Dependency
112
+ name: byebug
113
+ requirement: !ruby/object:Gem::Requirement
114
+ requirements:
115
+ - - ">="
116
+ - !ruby/object:Gem::Version
117
+ version: '0'
118
+ type: :development
119
+ prerelease: false
120
+ version_requirements: !ruby/object:Gem::Requirement
121
+ requirements:
122
+ - - ">="
123
+ - !ruby/object:Gem::Version
124
+ version: '0'
125
+ - !ruby/object:Gem::Dependency
126
+ name: cli_markdown
127
+ requirement: !ruby/object:Gem::Requirement
128
+ requirements:
129
+ - - ">="
130
+ - !ruby/object:Gem::Version
131
+ version: '0'
132
+ type: :development
133
+ prerelease: false
134
+ version_requirements: !ruby/object:Gem::Requirement
135
+ requirements:
136
+ - - ">="
137
+ - !ruby/object:Gem::Version
138
+ version: '0'
139
+ - !ruby/object:Gem::Dependency
140
+ name: rake
141
+ requirement: !ruby/object:Gem::Requirement
142
+ requirements:
143
+ - - ">="
144
+ - !ruby/object:Gem::Version
145
+ version: '0'
146
+ type: :development
147
+ prerelease: false
148
+ version_requirements: !ruby/object:Gem::Requirement
149
+ requirements:
150
+ - - ">="
151
+ - !ruby/object:Gem::Version
152
+ version: '0'
153
+ - !ruby/object:Gem::Dependency
154
+ name: rspec
155
+ requirement: !ruby/object:Gem::Requirement
156
+ requirements:
157
+ - - ">="
158
+ - !ruby/object:Gem::Version
159
+ version: '0'
160
+ type: :development
161
+ prerelease: false
162
+ version_requirements: !ruby/object:Gem::Requirement
163
+ requirements:
164
+ - - ">="
165
+ - !ruby/object:Gem::Version
166
+ version: '0'
167
+ description:
168
+ email:
169
+ - tongueroo@gmail.com
170
+ executables:
171
+ - aws-mfa-secure
172
+ extensions: []
173
+ extra_rdoc_files: []
174
+ files:
175
+ - ".gitignore"
176
+ - ".rspec"
177
+ - CHANGELOG.md
178
+ - Gemfile
179
+ - Gemfile.lock
180
+ - Guardfile
181
+ - LICENSE.txt
182
+ - README.md
183
+ - Rakefile
184
+ - aws-mfa-secure.gemspec
185
+ - docs/how-it-works.md
186
+ - exe/aws-mfa-secure
187
+ - lib/aws-mfa-secure.rb
188
+ - lib/aws_mfa_secure.rb
189
+ - lib/aws_mfa_secure/autoloader.rb
190
+ - lib/aws_mfa_secure/base.rb
191
+ - lib/aws_mfa_secure/cli.rb
192
+ - lib/aws_mfa_secure/command.rb
193
+ - lib/aws_mfa_secure/completer.rb
194
+ - lib/aws_mfa_secure/completer/script.rb
195
+ - lib/aws_mfa_secure/completer/script.sh
196
+ - lib/aws_mfa_secure/credentials.rb
197
+ - lib/aws_mfa_secure/exports.rb
198
+ - lib/aws_mfa_secure/ext/aws.rb
199
+ - lib/aws_mfa_secure/help.rb
200
+ - lib/aws_mfa_secure/help/completion.md
201
+ - lib/aws_mfa_secure/help/completion_script.md
202
+ - lib/aws_mfa_secure/help/exports.md
203
+ - lib/aws_mfa_secure/help/session.md
204
+ - lib/aws_mfa_secure/help/unsets.md
205
+ - lib/aws_mfa_secure/session.rb
206
+ - lib/aws_mfa_secure/unsets.rb
207
+ - lib/aws_mfa_secure/version.rb
208
+ - spec/fixtures/aws-mfa-secure-sessions/fake_credentials
209
+ - spec/lib/cli_spec.rb
210
+ - spec/monkey_patches.rb
211
+ - spec/spec_helper.rb
212
+ homepage: https://github.com/tongueroo/aws-mfa-secure
213
+ licenses:
214
+ - MIT
215
+ metadata: {}
216
+ post_install_message:
217
+ rdoc_options: []
218
+ require_paths:
219
+ - lib
220
+ required_ruby_version: !ruby/object:Gem::Requirement
221
+ requirements:
222
+ - - ">="
223
+ - !ruby/object:Gem::Version
224
+ version: '0'
225
+ required_rubygems_version: !ruby/object:Gem::Requirement
226
+ requirements:
227
+ - - ">="
228
+ - !ruby/object:Gem::Version
229
+ version: '0'
230
+ requirements: []
231
+ rubygems_version: 3.0.6
232
+ signing_key:
233
+ specification_version: 4
234
+ summary: Adds MFA Support to AWS CLI and Ruby SDKs for normal IAM user
235
+ test_files:
236
+ - spec/fixtures/aws-mfa-secure-sessions/fake_credentials
237
+ - spec/lib/cli_spec.rb
238
+ - spec/monkey_patches.rb
239
+ - spec/spec_helper.rb