aws_assume_role 0.2.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.rubocop.yml +3 -0
- data/CHANGELOG.md +4 -1
- data/Gemfile +1 -0
- data/README.md +9 -1
- data/Rakefile +1 -1
- data/aws_assume_role.gemspec +2 -1
- data/lib/aws_assume_role/cli/actions/console.rb +1 -1
- data/lib/aws_assume_role/cli/actions/reset_environment.rb +2 -2
- data/lib/aws_assume_role/cli/actions/run.rb +1 -1
- data/lib/aws_assume_role/cli/actions/set_environment.rb +1 -1
- data/lib/aws_assume_role/cli/actions/test.rb +1 -1
- data/lib/aws_assume_role/credentials/factories/environment.rb +5 -5
- data/lib/aws_assume_role/credentials/providers/assume_role_credentials.rb +1 -1
- data/lib/aws_assume_role/version.rb +1 -1
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 0ce405e4811023c4452afc56ecff14db811f6688
|
|
4
|
+
data.tar.gz: 2db25acdd8e183f631a21f3100002689f218c463
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 42c5c843da415cf310e5ba0e3f1e138eb05bb72427b6965594f12033881caae18d5434ee74121f6edb4aa46c567b657f2c7dbda6ebbacce927249fa56d2184e7
|
|
7
|
+
data.tar.gz: 34426b7182d419a5e817dae23c37cd9b53de59adec5438f9e46a4a25230f8dd58ff4c260b0e1fd92b6d08e88e2bf481f27be99da9c7f51669d0ff07313029f1f
|
data/.rubocop.yml
CHANGED
data/CHANGELOG.md
CHANGED
|
@@ -1,7 +1,10 @@
|
|
|
1
|
+
## 0.2.1
|
|
2
|
+
* Loosen requirement on highline to improve compatibility with Puppet tools (@randomvariable)
|
|
3
|
+
|
|
1
4
|
## 0.2.0
|
|
2
5
|
|
|
3
6
|
* Add support for Yubikey as a source for MFA (@davbo)
|
|
4
|
-
* Remove expired
|
|
7
|
+
* Remove expired credentials before writing new STS credentials (@davbo)
|
|
5
8
|
|
|
6
9
|
## 0.1.2
|
|
7
10
|
|
data/Gemfile
CHANGED
data/README.md
CHANGED
|
@@ -27,7 +27,10 @@ For more information on role assumption, see the [AWS documentation](https://doc
|
|
|
27
27
|
Requirements
|
|
28
28
|
------------
|
|
29
29
|
* Ruby ≥ 2.1
|
|
30
|
-
*
|
|
30
|
+
* macOS Keychain / GNOME Keyring
|
|
31
|
+
* At least one account with Amazon Web Services
|
|
32
|
+
* An IAM role configured in the target account
|
|
33
|
+
* An IAM user with rights to assume that role
|
|
31
34
|
|
|
32
35
|
Install
|
|
33
36
|
-------
|
|
@@ -53,6 +56,11 @@ yum install gobject-introspection-devel
|
|
|
53
56
|
```
|
|
54
57
|
Setup
|
|
55
58
|
-----
|
|
59
|
+
|
|
60
|
+
You should already have an IAM user that you can log in to via AWS' console.
|
|
61
|
+
If you do not already have an AWS access key and matching secret key for your
|
|
62
|
+
own IAM user, use the AWS console to create that credential pair.
|
|
63
|
+
|
|
56
64
|
aws-assume-role works best if you also store permanent credentials in your keystore:
|
|
57
65
|
|
|
58
66
|
``` sh
|
data/Rakefile
CHANGED
|
@@ -13,7 +13,7 @@ begin
|
|
|
13
13
|
rescue LoadError # rubocop:disable Lint/HandleExceptions
|
|
14
14
|
end
|
|
15
15
|
|
|
16
|
-
task :test => [
|
|
16
|
+
task :test => %i[no_pry rubocop spec] # rubocop:disable Style/HashSyntax
|
|
17
17
|
|
|
18
18
|
task :no_pry do
|
|
19
19
|
files = Dir.glob("**/**").reject { |x| x.match(/^spec|Gemfile|coverage|\.gemspec$|Rakefile/) || File.directory?(x) }
|
data/aws_assume_role.gemspec
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
# coding: utf-8
|
|
2
|
+
|
|
2
3
|
$LOAD_PATH << File.expand_path("../lib", __FILE__)
|
|
3
4
|
require "aws_assume_role/version"
|
|
4
5
|
Gem::Specification.new do |spec|
|
|
@@ -29,7 +30,7 @@ Gem::Specification.new do |spec|
|
|
|
29
30
|
spec.add_runtime_dependency "dry-types", "~> 0.9"
|
|
30
31
|
spec.add_runtime_dependency "dry-validation", "~> 0.10"
|
|
31
32
|
spec.add_runtime_dependency "gli", "~> 2.15"
|
|
32
|
-
spec.add_runtime_dependency "highline", "~> 1.
|
|
33
|
+
spec.add_runtime_dependency "highline", "~> 1.6"
|
|
33
34
|
spec.add_runtime_dependency "i18n", "~> 0.7"
|
|
34
35
|
spec.add_runtime_dependency "inifile", "~> 3.0"
|
|
35
36
|
spec.add_runtime_dependency "launchy", "~> 2.4"
|
|
@@ -20,7 +20,7 @@ class AwsAssumeRole::Cli::Actions::Console < AwsAssumeRole::Cli::Actions::Abstra
|
|
|
20
20
|
required(:role_arn).maybe
|
|
21
21
|
required(:role_session_name).maybe
|
|
22
22
|
required(:duration_seconds).maybe
|
|
23
|
-
rule(role_specification: [
|
|
23
|
+
rule(role_specification: %i[profile role_arn role_session_name duration_seconds]) do |p, r, s, d|
|
|
24
24
|
(p.filled? | p.empty? & r.filled?) & (r.filled? > s.filled? & d.filled?)
|
|
25
25
|
end
|
|
26
26
|
end
|
|
@@ -27,13 +27,13 @@ class AwsAssumeRole::Cli::Actions::ResetEnvironment < AwsAssumeRole::Cli::Action
|
|
|
27
27
|
def act_on(config)
|
|
28
28
|
shell_strings = SHELL_STRINGS[config.shell_type.to_sym]
|
|
29
29
|
str = ""
|
|
30
|
-
%w
|
|
30
|
+
%w[AWS_ACCESS_KEY_ID
|
|
31
31
|
AWS_SECRET_ACCESS_KEY
|
|
32
32
|
AWS_SESSION_TOKEN
|
|
33
33
|
AWS_PROFILE
|
|
34
34
|
AWS_ASSUME_ROLE_LOG_LEVEL
|
|
35
35
|
GLI_DEBUG
|
|
36
|
-
AWS_ASSUME_ROLE_KEYRING_BACKEND
|
|
36
|
+
AWS_ASSUME_ROLE_KEYRING_BACKEND].each do |key|
|
|
37
37
|
str << format(shell_strings[:env_command], key: key) if ENV.fetch(key, false)
|
|
38
38
|
end
|
|
39
39
|
str << "# #{pastel.yellow t(shell_strings.fetch(:footer, 'commands.set_environment.shells.others'))}"
|
|
@@ -12,7 +12,7 @@ class AwsAssumeRole::Cli::Actions::Run < AwsAssumeRole::Cli::Actions::AbstractAc
|
|
|
12
12
|
required(:role_arn).maybe
|
|
13
13
|
required(:role_session_name).maybe
|
|
14
14
|
required(:duration_seconds).maybe
|
|
15
|
-
rule(role_specification: [
|
|
15
|
+
rule(role_specification: %i[profile role_arn role_session_name duration_seconds]) do |p, r, s, d|
|
|
16
16
|
(p.filled? | p.empty? & r.filled?) & (r.filled? > s.filled? & d.filled?)
|
|
17
17
|
end
|
|
18
18
|
end
|
|
@@ -30,7 +30,7 @@ class AwsAssumeRole::Cli::Actions::SetEnvironment < AwsAssumeRole::Cli::Actions:
|
|
|
30
30
|
required(:role_arn).maybe { filled? > format?(ROLE_REGEX) }
|
|
31
31
|
required(:role_session_name).maybe { filled? > format?(ROLE_SESSION_NAME_REGEX) }
|
|
32
32
|
required(:duration_seconds).maybe
|
|
33
|
-
rule(role_specification: [
|
|
33
|
+
rule(role_specification: %i[profile role_arn role_session_name duration_seconds]) do |p, r, s, d|
|
|
34
34
|
(p.filled? | p.empty? & r.filled?) & (r.filled? > s.filled? & d.filled?)
|
|
35
35
|
end
|
|
36
36
|
end
|
|
@@ -11,7 +11,7 @@ class AwsAssumeRole::Cli::Actions::Test < AwsAssumeRole::Cli::Actions::AbstractA
|
|
|
11
11
|
required(:role_arn).maybe
|
|
12
12
|
required(:role_session_name).maybe
|
|
13
13
|
required(:duration_seconds).maybe
|
|
14
|
-
rule(role_specification: [
|
|
14
|
+
rule(role_specification: %i[profile role_arn role_session_name duration_seconds]) do |p, r, s, d|
|
|
15
15
|
(p.filled? | p.empty? & r.filled?) & (r.filled? > s.filled? & d.filled?)
|
|
16
16
|
end
|
|
17
17
|
end
|
|
@@ -5,11 +5,11 @@ class AwsAssumeRole::Credentials::Factories::Environment < AwsAssumeRole::Creden
|
|
|
5
5
|
priority 10
|
|
6
6
|
|
|
7
7
|
def initialize(_options, **)
|
|
8
|
-
key = %w
|
|
9
|
-
secret = %w
|
|
10
|
-
token = %w
|
|
11
|
-
region = %w
|
|
12
|
-
profile = %w
|
|
8
|
+
key = %w[AWS_ACCESS_KEY_ID AMAZON_ACCESS_KEY_ID AWS_ACCESS_KEY]
|
|
9
|
+
secret = %w[AWS_SECRET_ACCESS_KEY AMAZON_SECRET_ACCESS_KEY AWS_SECRET_KEY]
|
|
10
|
+
token = %w[AWS_SESSION_TOKEN AMAZON_SESSION_TOKEN]
|
|
11
|
+
region = %w[AWS_DEFAULT_REGION]
|
|
12
|
+
profile = %w[AWS_PROFILE]
|
|
13
13
|
@credentials = Aws::Credentials.new(envar(key), envar(secret), envar(token))
|
|
14
14
|
@region = envar(region)
|
|
15
15
|
@profile = envar(profile)
|
|
@@ -14,7 +14,7 @@ class AwsAssumeRole::Credentials::Providers::AssumeRoleCredentials
|
|
|
14
14
|
#
|
|
15
15
|
#
|
|
16
16
|
|
|
17
|
-
STS_KEYS = [
|
|
17
|
+
STS_KEYS = %i[role_arn role_session_name policy duration_seconds external_id client credentials region].freeze
|
|
18
18
|
|
|
19
19
|
def initialize(options = {})
|
|
20
20
|
client_opts = {}
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: aws_assume_role
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Jon Topper
|
|
@@ -10,7 +10,7 @@ authors:
|
|
|
10
10
|
autorequire:
|
|
11
11
|
bindir: bin
|
|
12
12
|
cert_chain: []
|
|
13
|
-
date: 2017-03
|
|
13
|
+
date: 2017-04-03 00:00:00.000000000 Z
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|
|
16
16
|
name: activesupport
|
|
@@ -116,14 +116,14 @@ dependencies:
|
|
|
116
116
|
requirements:
|
|
117
117
|
- - "~>"
|
|
118
118
|
- !ruby/object:Gem::Version
|
|
119
|
-
version: '1.
|
|
119
|
+
version: '1.6'
|
|
120
120
|
type: :runtime
|
|
121
121
|
prerelease: false
|
|
122
122
|
version_requirements: !ruby/object:Gem::Requirement
|
|
123
123
|
requirements:
|
|
124
124
|
- - "~>"
|
|
125
125
|
- !ruby/object:Gem::Version
|
|
126
|
-
version: '1.
|
|
126
|
+
version: '1.6'
|
|
127
127
|
- !ruby/object:Gem::Dependency
|
|
128
128
|
name: i18n
|
|
129
129
|
requirement: !ruby/object:Gem::Requirement
|