awskeyring 1.5.0 → 1.8.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/Gemfile +1 -0
- data/LICENSE.txt +1 -1
- data/README.md +7 -2
- data/Rakefile +1 -0
- data/awskeyring.gemspec +4 -2
- data/i18n/en.yml +3 -0
- data/lib/awskeyring.rb +12 -5
- data/lib/awskeyring/awsapi.rb +7 -4
- data/lib/awskeyring/input.rb +5 -5
- data/lib/awskeyring/version.rb +1 -1
- data/lib/awskeyring_command.rb +44 -29
- data/man/awskeyring.5 +101 -2
- metadata +6 -10
- data/CHANGELOG.md +0 -121
- data/CODE_OF_CONDUCT.md +0 -73
- data/CONTRIBUTING.md +0 -48
- data/man/awskeyring.5.ronn +0 -138
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 821682d536efc3d5785f862fb8e1a53fda4107eb18020bc6b3796a1d3654ee7d
|
4
|
+
data.tar.gz: 79bda10be2bfdabb9142e9798cfcdd47a20eba1b1cc4186526ca2f2860253514
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: a84c3ef0c53bdf13a5740e1231494700bd40b91acda358c27c99de2eb8170c8073d98536c3fdfd6973a8f80cf2c3b362b101de83a5415eebada7b3a7f391053c
|
7
|
+
data.tar.gz: 728d2d23bd55a416d39bb94dbc5f7445941a15a64a18ef6f2a070ac6a21a6c9d4b14f3e0f210e6b85a964c08070c5435fc301665d4d6fd4989fe411dfed29efd
|
data/Gemfile
CHANGED
data/LICENSE.txt
CHANGED
data/README.md
CHANGED
@@ -1,8 +1,8 @@
|
|
1
1
|
# Awskeyring
|
2
2
|
|
3
|
-
![Awskeyring](https://raw.githubusercontent.com/servian/awskeyring/
|
3
|
+
![Awskeyring](https://raw.githubusercontent.com/servian/awskeyring/main/awskeyring-144.png)
|
4
4
|
|
5
|
-
* [![Build Status](https://travis-ci.
|
5
|
+
* [![Build Status](https://travis-ci.com/servian/awskeyring.svg?branch=main)](https://travis-ci.com/servian/awskeyring)
|
6
6
|
* [![Gem Version](https://badge.fury.io/rb/awskeyring.svg)](https://badge.fury.io/rb/awskeyring)
|
7
7
|
* [![license MIT](https://img.shields.io/badge/license-MIT-brightgreen.svg)](https://opensource.org/licenses/MIT)
|
8
8
|
* [![All Downloads](https://ruby-gem-downloads-badge.herokuapp.com/awskeyring?type=total)](https://rubygems.org/gems/awskeyring)
|
@@ -27,6 +27,10 @@ Install it with:
|
|
27
27
|
|
28
28
|
$ gem install awskeyring --user-install
|
29
29
|
|
30
|
+
or via [homebrew gem](https://github.com/sportngin/brew-gem):
|
31
|
+
|
32
|
+
$ brew gem install awskeyring
|
33
|
+
|
30
34
|
## Wiki
|
31
35
|
|
32
36
|
Please see the [Wiki](https://github.com/servian/awskeyring/wiki) for full usage instructions and tips.
|
@@ -113,6 +117,7 @@ the [Contributor Covenant](https://contributor-covenant.org) code of conduct.
|
|
113
117
|
|
114
118
|
* Tristan [tristanmorgan](https://github.com/tristanmorgan)
|
115
119
|
* Adam Sir [AzySir](https://github.com/AzySir)
|
120
|
+
* Vito Giarrusso [thtliife](https://github.com/thtliife)
|
116
121
|
|
117
122
|
## License
|
118
123
|
|
data/Rakefile
CHANGED
data/awskeyring.gemspec
CHANGED
@@ -15,14 +15,16 @@ Gem::Specification.new do |spec|
|
|
15
15
|
spec.homepage = Awskeyring::HOMEPAGE
|
16
16
|
spec.licenses = ['MIT']
|
17
17
|
|
18
|
-
spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^spec
|
18
|
+
spec.files = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^spec/|^\..*|C.*\.md|.*\.ronn|.*\.png}) }
|
19
19
|
spec.bindir = 'exe'
|
20
20
|
spec.executables = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
|
21
21
|
spec.require_paths = ['lib']
|
22
22
|
|
23
|
+
spec.required_ruby_version = '>= 2.6.0'
|
24
|
+
|
23
25
|
spec.metadata = {
|
24
26
|
'bug_tracker_uri' => "#{Awskeyring::HOMEPAGE}/issues",
|
25
|
-
'changelog_uri' => "#{Awskeyring::HOMEPAGE}/blob/
|
27
|
+
'changelog_uri' => "#{Awskeyring::HOMEPAGE}/blob/main/CHANGELOG.md",
|
26
28
|
'documentation_uri' => "https://rubydoc.info/gems/#{spec.name}/#{Awskeyring::VERSION}",
|
27
29
|
'source_code_uri' => "#{Awskeyring::HOMEPAGE}/tree/v#{Awskeyring::VERSION}",
|
28
30
|
'wiki_uri' => "#{Awskeyring::HOMEPAGE}/wiki"
|
data/i18n/en.yml
CHANGED
@@ -49,6 +49,7 @@ en:
|
|
49
49
|
notoken: 'Do not use saved token.'
|
50
50
|
noremote: 'Do not validate with remote api.'
|
51
51
|
path: 'The service PATH to open.'
|
52
|
+
browser: 'Specify an alternative browser.'
|
52
53
|
role: 'The ROLE to assume.'
|
53
54
|
secret: 'AWS account secret.'
|
54
55
|
unset: 'Unset environment variables.'
|
@@ -75,6 +76,8 @@ en:
|
|
75
76
|
delexpired: '# Removing expired session credentials'
|
76
77
|
exec: '# COMMAND not provided'
|
77
78
|
missing: '# Config missing, run `%{bin} initialise` to recreate.'
|
79
|
+
missing_account: '# No accounts added, run `%{bin} add` to add.'
|
80
|
+
missing_role: '# No roles added, run `%{bin} add-role` to add.'
|
78
81
|
rotate: '# You have two access keys for account %{account}'
|
79
82
|
temporary: '# Using temporary session credentials.'
|
80
83
|
timeout: '# It is STRONGLY recommended to set your keychain to lock in 5 minutes or less.'
|
data/lib/awskeyring.rb
CHANGED
@@ -27,6 +27,8 @@ module Awskeyring # rubocop:disable Metrics/ModuleLength
|
|
27
27
|
DEFAULT_KEY_AGE = 90
|
28
28
|
# Default Console Paths
|
29
29
|
DEFAULT_CONSOLE_LIST = %w[cloudformation ec2/v2 iam rds route53 s3 sns sqs vpc].freeze
|
30
|
+
# Default Browsers
|
31
|
+
DEFAULT_BROWSER_LIST = %w[Brave FireFox Opera Safari Vivaldi].freeze
|
30
32
|
|
31
33
|
# Retrieve the preferences
|
32
34
|
#
|
@@ -174,26 +176,26 @@ module Awskeyring # rubocop:disable Metrics/ModuleLength
|
|
174
176
|
|
175
177
|
# Return a list account item names
|
176
178
|
def self.list_account_names
|
177
|
-
items = list_items.map { |elem| elem.attributes[:label][(ACCOUNT_PREFIX.length)
|
179
|
+
items = list_items.map { |elem| elem.attributes[:label][(ACCOUNT_PREFIX.length)..] }
|
178
180
|
|
179
|
-
tokens = list_tokens.map { |elem| elem.attributes[:label][(SESSION_KEY_PREFIX.length)
|
181
|
+
tokens = list_tokens.map { |elem| elem.attributes[:label][(SESSION_KEY_PREFIX.length)..] }
|
180
182
|
|
181
183
|
(items + tokens).uniq.sort
|
182
184
|
end
|
183
185
|
|
184
186
|
# Return a list role item names
|
185
187
|
def self.list_role_names
|
186
|
-
list_roles.map { |elem| elem.attributes[:label][(ROLE_PREFIX.length)
|
188
|
+
list_roles.map { |elem| elem.attributes[:label][(ROLE_PREFIX.length)..] }.sort
|
187
189
|
end
|
188
190
|
|
189
191
|
# Return a list token item names
|
190
192
|
def self.list_token_names
|
191
|
-
list_tokens.map { |elem| elem.attributes[:label][(SESSION_KEY_PREFIX.length)
|
193
|
+
list_tokens.map { |elem| elem.attributes[:label][(SESSION_KEY_PREFIX.length)..] }.sort
|
192
194
|
end
|
193
195
|
|
194
196
|
# Return a list role item names and arns
|
195
197
|
def self.list_role_names_plus
|
196
|
-
list_roles.map { |elem| "#{elem.attributes[:label][(ROLE_PREFIX.length)
|
198
|
+
list_roles.map { |elem| "#{elem.attributes[:label][(ROLE_PREFIX.length)..]}\t#{elem.attributes[:account]}" }
|
197
199
|
end
|
198
200
|
|
199
201
|
# Return a list of console paths
|
@@ -201,6 +203,11 @@ module Awskeyring # rubocop:disable Metrics/ModuleLength
|
|
201
203
|
prefs.key?('console') ? prefs['console'] : DEFAULT_CONSOLE_LIST
|
202
204
|
end
|
203
205
|
|
206
|
+
# Return a list of browserss
|
207
|
+
def self.list_browsers
|
208
|
+
prefs.key?('browser') ? prefs['browser'] : DEFAULT_BROWSER_LIST
|
209
|
+
end
|
210
|
+
|
204
211
|
# Return Key age warning number
|
205
212
|
def self.key_age
|
206
213
|
prefs.key?('keyage') ? prefs['keyage'] : DEFAULT_KEY_AGE
|
data/lib/awskeyring/awsapi.rb
CHANGED
@@ -27,6 +27,7 @@ module Awskeyring
|
|
27
27
|
AWS_ACCOUNT_NAME
|
28
28
|
AWS_ACCESS_KEY_ID
|
29
29
|
AWS_ACCESS_KEY
|
30
|
+
AWS_CREDENTIAL_EXPIRATION
|
30
31
|
AWS_SECRET_ACCESS_KEY
|
31
32
|
AWS_SECRET_KEY
|
32
33
|
AWS_SECURITY_TOKEN
|
@@ -126,6 +127,8 @@ module Awskeyring
|
|
126
127
|
env_var = {}
|
127
128
|
env_var['AWS_DEFAULT_REGION'] = 'us-east-1' unless region
|
128
129
|
|
130
|
+
params[:expiration] = Time.at(params[:expiry]).iso8601 unless params[:expiry].nil?
|
131
|
+
|
129
132
|
params.each_key do |param_name|
|
130
133
|
AWS_ENV_VARS.each do |var_name|
|
131
134
|
if var_name.include?(param_name.to_s.upcase) && !params[param_name].nil?
|
@@ -142,7 +145,7 @@ module Awskeyring
|
|
142
145
|
# @param [String] key The aws_access_key_id
|
143
146
|
# @param [String] secret The aws_secret_access_key
|
144
147
|
# @param [String] token The aws_session_token
|
145
|
-
def self.verify_cred(key:, secret:, token:)
|
148
|
+
def self.verify_cred(key:, secret:, token: nil)
|
146
149
|
begin
|
147
150
|
ENV['AWS_DEFAULT_REGION'] = 'us-east-1' unless region
|
148
151
|
sts = Aws::STS::Client.new(access_key_id: key, secret_access_key: secret, session_token: token)
|
@@ -198,9 +201,9 @@ module Awskeyring
|
|
198
201
|
sessionToken: token
|
199
202
|
}.to_json
|
200
203
|
|
201
|
-
destination_param =
|
204
|
+
destination_param = "&Destination=#{CGI.escape(console_url)}"
|
202
205
|
|
203
|
-
AWS_SIGNIN_URL
|
206
|
+
"#{AWS_SIGNIN_URL}?Action=login#{token_param(session_json: session_json)}#{destination_param}"
|
204
207
|
end
|
205
208
|
|
206
209
|
# Get the signin token param
|
@@ -214,7 +217,7 @@ module Awskeyring
|
|
214
217
|
returned_content = request.get(uri).body
|
215
218
|
|
216
219
|
signin_token = JSON.parse(returned_content)['SigninToken']
|
217
|
-
|
220
|
+
"&SigninToken=#{CGI.escape(signin_token)}"
|
218
221
|
end
|
219
222
|
|
220
223
|
# Get the current region
|
data/lib/awskeyring/input.rb
CHANGED
@@ -1,7 +1,5 @@
|
|
1
1
|
# frozen_string_literal: true
|
2
2
|
|
3
|
-
require 'io/console'
|
4
|
-
|
5
3
|
# Awskeyring Module,
|
6
4
|
module Awskeyring
|
7
5
|
# Input methods for Awskeyring
|
@@ -15,18 +13,20 @@ module Awskeyring
|
|
15
13
|
end
|
16
14
|
|
17
15
|
private_class_method def self.hide_input # rubocop:disable Metrics/MethodLength
|
16
|
+
require 'io/console'
|
18
17
|
password = +''
|
19
18
|
loop do
|
20
19
|
character = $stdin.getch
|
21
20
|
break unless character
|
22
21
|
|
23
|
-
|
22
|
+
case character
|
23
|
+
when "\n", "\r"
|
24
24
|
puts ''
|
25
25
|
break
|
26
|
-
|
26
|
+
when "\b", "\u007f"
|
27
27
|
password.chop!
|
28
28
|
print "\b\e[P"
|
29
|
-
|
29
|
+
when "\u0003"
|
30
30
|
exit 1
|
31
31
|
else
|
32
32
|
print '*'
|
data/lib/awskeyring/version.rb
CHANGED
data/lib/awskeyring_command.rb
CHANGED
@@ -16,17 +16,17 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
16
16
|
|
17
17
|
map %w[--version -v] => :__version
|
18
18
|
map %w[--help -h] => :help
|
19
|
-
map
|
20
|
-
map
|
21
|
-
map
|
22
|
-
map
|
23
|
-
map
|
24
|
-
map
|
25
|
-
map
|
26
|
-
map
|
27
|
-
map
|
28
|
-
map
|
29
|
-
map
|
19
|
+
map 'init' => :initialise
|
20
|
+
map 'adr' => :add_role
|
21
|
+
map 'con' => :console
|
22
|
+
map 'ls' => :list
|
23
|
+
map 'lsr' => :list_role
|
24
|
+
map 'rm' => :remove
|
25
|
+
map 'rmr' => :remove_role
|
26
|
+
map 'rmt' => :remove_token
|
27
|
+
map 'rot' => :rotate
|
28
|
+
map 'tok' => :token
|
29
|
+
map 'up' => :update
|
30
30
|
|
31
31
|
# default to returning an error on failure.
|
32
32
|
def self.exit_on_failure?
|
@@ -72,6 +72,10 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
72
72
|
desc 'list', I18n.t('list.desc')
|
73
73
|
# list the accounts
|
74
74
|
def list
|
75
|
+
if Awskeyring.list_account_names.empty?
|
76
|
+
warn I18n.t('message.missing_account', bin: File.basename($PROGRAM_NAME))
|
77
|
+
exit 1
|
78
|
+
end
|
75
79
|
puts Awskeyring.list_account_names.join("\n")
|
76
80
|
end
|
77
81
|
|
@@ -80,7 +84,11 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
80
84
|
method_option 'detail', type: :boolean, aliases: '-d', desc: I18n.t('method_option.detail'), default: false
|
81
85
|
# List roles
|
82
86
|
def list_role
|
83
|
-
if
|
87
|
+
if Awskeyring.list_role_names.empty?
|
88
|
+
warn I18n.t('message.missing_role', bin: File.basename($PROGRAM_NAME))
|
89
|
+
exit 1
|
90
|
+
end
|
91
|
+
if options[:detail]
|
84
92
|
puts Awskeyring.list_role_names_plus.join("\n")
|
85
93
|
else
|
86
94
|
puts Awskeyring.list_role_names.join("\n")
|
@@ -92,7 +100,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
92
100
|
method_option 'unset', type: :boolean, aliases: '-u', desc: I18n.t('method_option.unset'), default: false
|
93
101
|
# Print Env vars
|
94
102
|
def env(account = nil)
|
95
|
-
if options[
|
103
|
+
if options[:unset]
|
96
104
|
put_env_string(account: nil, key: nil, secret: nil, token: nil)
|
97
105
|
else
|
98
106
|
account = ask_check(
|
@@ -201,7 +209,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
201
209
|
existing: options[:mfa], message: I18n.t('message.mfa'),
|
202
210
|
flags: 'optional', validator: Awskeyring::Validate.method(:mfa_arn)
|
203
211
|
)
|
204
|
-
Awskeyring::Awsapi.verify_cred(key: key, secret: secret
|
212
|
+
Awskeyring::Awsapi.verify_cred(key: key, secret: secret) unless options['no-remote']
|
205
213
|
Awskeyring.add_account(
|
206
214
|
account: account,
|
207
215
|
key: key,
|
@@ -379,6 +387,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
379
387
|
|
380
388
|
desc 'console ACCOUNT', I18n.t('console.desc')
|
381
389
|
method_option :path, type: :string, aliases: '-p', desc: I18n.t('method_option.path')
|
390
|
+
method_option :browser, type: :string, aliases: '-b', desc: I18n.t('method_option.browser')
|
382
391
|
method_option 'no-token', type: :boolean, aliases: '-n', desc: I18n.t('method_option.notoken'), default: false
|
383
392
|
method_option 'no-open', type: :boolean, aliases: '-o', desc: I18n.t('method_option.noopen'), default: false
|
384
393
|
# Open the AWS Console
|
@@ -409,14 +418,16 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
409
418
|
if options['no-open']
|
410
419
|
puts login_url
|
411
420
|
else
|
412
|
-
|
421
|
+
spawn_cmd = options[:browser] ? "open -a \"#{options[:browser]}\" \"#{login_url}\"" : "open \"#{login_url}\""
|
422
|
+
pid = Process.spawn(spawn_cmd)
|
413
423
|
Process.wait pid
|
414
424
|
end
|
415
425
|
end
|
416
426
|
|
417
427
|
desc 'awskeyring CURR PREV', I18n.t('awskeyring.desc'), hide: true
|
428
|
+
map File.basename($PROGRAM_NAME) => :autocomplete
|
418
429
|
# autocomplete
|
419
|
-
def
|
430
|
+
def autocomplete(curr, prev)
|
420
431
|
comp_line = ENV['COMP_LINE']
|
421
432
|
unless comp_line
|
422
433
|
exec_name = File.basename($PROGRAM_NAME)
|
@@ -452,9 +463,11 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
452
463
|
when 'remove-role', '-r', 'rmr'
|
453
464
|
comp_len = 2
|
454
465
|
when '--path', '-p'
|
455
|
-
comp_len =
|
466
|
+
comp_len = 40
|
456
467
|
when 'remove-token', 'rmt'
|
457
|
-
comp_len =
|
468
|
+
comp_len = 50
|
469
|
+
when '--browser', '-b'
|
470
|
+
comp_len = 60
|
458
471
|
end
|
459
472
|
|
460
473
|
[curr, comp_len, sub_cmd]
|
@@ -479,12 +492,14 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
479
492
|
list = Awskeyring.list_account_names
|
480
493
|
when 2
|
481
494
|
list = Awskeyring.list_role_names
|
482
|
-
when 3
|
495
|
+
when 3..10
|
483
496
|
list = list_arguments(command: sub_cmd)
|
484
|
-
when
|
497
|
+
when 40
|
485
498
|
list = Awskeyring.list_console_path
|
486
|
-
when
|
499
|
+
when 50
|
487
500
|
list = Awskeyring.list_token_names
|
501
|
+
when 60
|
502
|
+
list = Awskeyring.list_browsers
|
488
503
|
else
|
489
504
|
exit 1
|
490
505
|
end
|
@@ -492,7 +507,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
492
507
|
end
|
493
508
|
|
494
509
|
def list_commands
|
495
|
-
self.class.all_commands.keys.map { |elem| elem.tr('_', '-') }.reject! { |elem| elem == '
|
510
|
+
self.class.all_commands.keys.map { |elem| elem.tr('_', '-') }.reject! { |elem| elem == 'autocomplete' }
|
496
511
|
end
|
497
512
|
|
498
513
|
def list_arguments(command:)
|
@@ -539,23 +554,23 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
539
554
|
|
540
555
|
def ask(message:, secure: false, optional: false, limited_to: nil)
|
541
556
|
if secure
|
542
|
-
Awskeyring::Input.read_secret(message.rjust(20)
|
557
|
+
Awskeyring::Input.read_secret("#{message.rjust(20)}: ")
|
543
558
|
elsif optional
|
544
|
-
Thor::LineEditor.readline(
|
559
|
+
Thor::LineEditor.readline("#{"#{message} (optional)".rjust(20)}: ")
|
545
560
|
elsif limited_to
|
546
|
-
Thor::LineEditor.readline(message.rjust(20)
|
561
|
+
Thor::LineEditor.readline("#{message.rjust(20)}: ", limited_to: limited_to)
|
547
562
|
else
|
548
|
-
Thor::LineEditor.readline(message.rjust(20)
|
563
|
+
Thor::LineEditor.readline("#{message.rjust(20)}: ")
|
549
564
|
end
|
550
565
|
end
|
551
566
|
|
552
567
|
def unbundle
|
553
568
|
to_delete = ENV.keys.select { |elem| elem.start_with?('BUNDLER_ORIG_') }
|
554
|
-
bundled_env = to_delete.map { |elem| elem[('BUNDLER_ORIG_'.length)
|
569
|
+
bundled_env = to_delete.map { |elem| elem[('BUNDLER_ORIG_'.length)..] }
|
555
570
|
to_delete << 'BUNDLE_GEMFILE'
|
556
571
|
bundled_env.each do |env_name|
|
557
|
-
ENV[env_name] = ENV[
|
558
|
-
to_delete << env_name if ENV[
|
572
|
+
ENV[env_name] = ENV["BUNDLER_ORIG_#{env_name}"]
|
573
|
+
to_delete << env_name if ENV["BUNDLER_ORIG_#{env_name}"].start_with? 'BUNDLER_'
|
559
574
|
end
|
560
575
|
to_delete.each do |env_name|
|
561
576
|
ENV.delete(env_name)
|
data/man/awskeyring.5
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "AWSKEYRING" "5" "
|
4
|
+
.TH "AWSKEYRING" "5" "March 2021" "" ""
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBAwskeyring\fR \- is a small tool to manage AWS account keys in the macOS Keychain
|
@@ -24,36 +24,90 @@ The commands are as follows:
|
|
24
24
|
.IP
|
25
25
|
Prints the version
|
26
26
|
.
|
27
|
+
.br
|
28
|
+
.
|
29
|
+
.IP
|
30
|
+
\-r, \-\-no\-remote: Do not validate with remote api\.
|
31
|
+
.
|
27
32
|
.TP
|
28
33
|
add ACCOUNT:
|
29
34
|
.
|
30
35
|
.IP
|
31
36
|
Adds an ACCOUNT to the keyring
|
32
37
|
.
|
38
|
+
.br
|
39
|
+
.
|
40
|
+
.IP
|
41
|
+
\-k, \-\-key=KEY: AWS account key id\.
|
42
|
+
.
|
43
|
+
.br
|
44
|
+
\-s, \-\-secret=SECRET: AWS account secret\.
|
45
|
+
.
|
46
|
+
.br
|
47
|
+
\-m, \-\-mfa=MFA: AWS virtual mfa arn\.
|
48
|
+
.
|
49
|
+
.br
|
50
|
+
\-r, \-\-no\-remote: Do not validate with remote api\.
|
51
|
+
.
|
33
52
|
.TP
|
34
53
|
add\-role ROLE:
|
35
54
|
.
|
36
55
|
.IP
|
37
56
|
Adds a ROLE to the keyring
|
38
57
|
.
|
58
|
+
.br
|
59
|
+
.
|
60
|
+
.IP
|
61
|
+
\-a, \-\-arn=ARN: AWS role arn\.
|
62
|
+
.
|
39
63
|
.TP
|
40
|
-
console ACCOUNT:
|
64
|
+
awskeyring console ACCOUNT:
|
41
65
|
.
|
42
66
|
.IP
|
43
67
|
Open the AWS Console for the ACCOUNT
|
44
68
|
.
|
69
|
+
.br
|
70
|
+
.
|
71
|
+
.IP
|
72
|
+
\-p, \-\-path=PATH: The service PATH to open\.
|
73
|
+
.
|
74
|
+
.br
|
75
|
+
\-b, \-\-browser=BROWSER: Specify an alternative browser\.
|
76
|
+
.
|
77
|
+
.br
|
78
|
+
\-n, \-\-no\-token: Do not use saved token\.
|
79
|
+
.
|
80
|
+
.br
|
81
|
+
\-o, \-\-no\-open: Do not open the url\.
|
82
|
+
.
|
45
83
|
.TP
|
46
84
|
env ACCOUNT:
|
47
85
|
.
|
48
86
|
.IP
|
49
87
|
Outputs bourne shell environment exports for an ACCOUNT
|
50
88
|
.
|
89
|
+
.br
|
90
|
+
.
|
91
|
+
.IP
|
92
|
+
\-n, \-\-no\-token: Do not use saved token\.
|
93
|
+
.
|
94
|
+
.br
|
95
|
+
\-u, \-\-unset, \-\-no\-unset: Unset environment variables\.
|
96
|
+
.
|
51
97
|
.TP
|
52
98
|
exec ACCOUNT command\.\.\.:
|
53
99
|
.
|
54
100
|
.IP
|
55
101
|
Execute a COMMAND with the environment set for an ACCOUNT
|
56
102
|
.
|
103
|
+
.br
|
104
|
+
.
|
105
|
+
.IP
|
106
|
+
\-n, \-\-no\-token: Do not use saved token\.
|
107
|
+
.
|
108
|
+
.br
|
109
|
+
\-b, \-\-no\-bundle: Unset Bundler environment variables\.
|
110
|
+
.
|
57
111
|
.TP
|
58
112
|
help [COMMAND]:
|
59
113
|
.
|
@@ -66,18 +120,33 @@ import:
|
|
66
120
|
.IP
|
67
121
|
Import an ACCOUNT to the keyring from ~/\.aws/credentials
|
68
122
|
.
|
123
|
+
.br
|
124
|
+
.
|
125
|
+
.IP
|
126
|
+
\-r, \-\-no\-remote: Do not validate with remote api\.
|
127
|
+
.
|
69
128
|
.TP
|
70
129
|
initialise:
|
71
130
|
.
|
72
131
|
.IP
|
73
132
|
Initialises a new KEYCHAIN
|
74
133
|
.
|
134
|
+
.br
|
135
|
+
.
|
136
|
+
.IP
|
137
|
+
\-n, \-\-keychain=KEYCHAIN: Name of KEYCHAIN to initialise\.
|
138
|
+
.
|
75
139
|
.TP
|
76
140
|
json ACCOUNT:
|
77
141
|
.
|
78
142
|
.IP
|
79
143
|
Outputs AWS CLI compatible JSON for an ACCOUNT
|
80
144
|
.
|
145
|
+
.br
|
146
|
+
.
|
147
|
+
.IP
|
148
|
+
\-n, \-\-no\-token: Do not use saved token\.
|
149
|
+
.
|
81
150
|
.TP
|
82
151
|
list:
|
83
152
|
.
|
@@ -90,6 +159,11 @@ list\-role:
|
|
90
159
|
.IP
|
91
160
|
Prints a list of roles in the keyring
|
92
161
|
.
|
162
|
+
.br
|
163
|
+
.
|
164
|
+
.IP
|
165
|
+
\-d, \-\-detail, \-\-no\-detail: Show more detail\.
|
166
|
+
.
|
93
167
|
.TP
|
94
168
|
remove ACCOUNT:
|
95
169
|
.
|
@@ -120,12 +194,34 @@ token ACCOUNT [ROLE] [MFA]:
|
|
120
194
|
.IP
|
121
195
|
Create an STS Token from a ROLE or an MFA code
|
122
196
|
.
|
197
|
+
.br
|
198
|
+
.
|
199
|
+
.IP
|
200
|
+
\-r, \-\-role=ROLE: The ROLE to assume\.
|
201
|
+
.
|
202
|
+
.br
|
203
|
+
\-c, \-\-code=CODE: Virtual mfa CODE\.
|
204
|
+
.
|
205
|
+
.br
|
206
|
+
\-d, \-\-duration=DURATION: Session DURATION in seconds\.
|
207
|
+
.
|
123
208
|
.TP
|
124
209
|
update ACCOUNT:
|
125
210
|
.
|
126
211
|
.IP
|
127
212
|
Updates an ACCOUNT in the keyring
|
128
213
|
.
|
214
|
+
.br
|
215
|
+
.
|
216
|
+
.IP
|
217
|
+
\-k, \-\-key=KEY: AWS account key id\.
|
218
|
+
.
|
219
|
+
.br
|
220
|
+
\-s, \-\-secret=SECRET: AWS account secret\.
|
221
|
+
.
|
222
|
+
.br
|
223
|
+
\-r, \-\-no\-remote: Do not validate with remote api\.
|
224
|
+
.
|
129
225
|
.SH "ENVIRONMENT"
|
130
226
|
The AWS_DEFAULT_REGION environment variable will be used for AWS API calls where specified or fall back to us\-east\-1 when not\.
|
131
227
|
.
|
@@ -188,6 +284,9 @@ Tristan tristanmorgan \fIhttps://github\.com/tristanmorgan\fR
|
|
188
284
|
.IP "\(bu" 4
|
189
285
|
Adam Sir AzySir \fIhttps://github\.com/AzySir\fR
|
190
286
|
.
|
287
|
+
.IP "\(bu" 4
|
288
|
+
Vito Giarrusso thtliife \fIhttps://github\.com/thtliife\fR
|
289
|
+
.
|
191
290
|
.IP "" 0
|
192
291
|
.
|
193
292
|
.SH "LICENSE"
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: awskeyring
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.
|
4
|
+
version: 1.8.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tristan Morgan
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2021-03-19 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-iam
|
@@ -73,9 +73,6 @@ executables:
|
|
73
73
|
extensions: []
|
74
74
|
extra_rdoc_files: []
|
75
75
|
files:
|
76
|
-
- CHANGELOG.md
|
77
|
-
- CODE_OF_CONDUCT.md
|
78
|
-
- CONTRIBUTING.md
|
79
76
|
- Gemfile
|
80
77
|
- LICENSE.txt
|
81
78
|
- README.md
|
@@ -90,15 +87,14 @@ files:
|
|
90
87
|
- lib/awskeyring/version.rb
|
91
88
|
- lib/awskeyring_command.rb
|
92
89
|
- man/awskeyring.5
|
93
|
-
- man/awskeyring.5.ronn
|
94
90
|
homepage: https://github.com/servian/awskeyring
|
95
91
|
licenses:
|
96
92
|
- MIT
|
97
93
|
metadata:
|
98
94
|
bug_tracker_uri: https://github.com/servian/awskeyring/issues
|
99
|
-
changelog_uri: https://github.com/servian/awskeyring/blob/
|
100
|
-
documentation_uri: https://rubydoc.info/gems/awskeyring/1.
|
101
|
-
source_code_uri: https://github.com/servian/awskeyring/tree/v1.
|
95
|
+
changelog_uri: https://github.com/servian/awskeyring/blob/main/CHANGELOG.md
|
96
|
+
documentation_uri: https://rubydoc.info/gems/awskeyring/1.8.2
|
97
|
+
source_code_uri: https://github.com/servian/awskeyring/tree/v1.8.2
|
102
98
|
wiki_uri: https://github.com/servian/awskeyring/wiki
|
103
99
|
post_install_message:
|
104
100
|
rdoc_options: []
|
@@ -108,7 +104,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
108
104
|
requirements:
|
109
105
|
- - ">="
|
110
106
|
- !ruby/object:Gem::Version
|
111
|
-
version:
|
107
|
+
version: 2.6.0
|
112
108
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
113
109
|
requirements:
|
114
110
|
- - ">="
|
data/CHANGELOG.md
DELETED
@@ -1,121 +0,0 @@
|
|
1
|
-
# Changelog
|
2
|
-
|
3
|
-
## [v1.5.0](https://github.com/servian/awskeyring/tree/v1.5.0) (2020-07-08)
|
4
|
-
|
5
|
-
[Full Changelog](https://github.com/servian/awskeyring/compare/v1.4.0...v1.5.0)
|
6
|
-
|
7
|
-
**Implemented enhancements:**
|
8
|
-
|
9
|
-
- No-Bundle env changes for exec. [\#66](https://github.com/servian/awskeyring/pull/66) ([tristanmorgan](https://github.com/tristanmorgan))
|
10
|
-
|
11
|
-
## [v1.4.0](https://github.com/servian/awskeyring/tree/v1.4.0) (2020-06-19)
|
12
|
-
|
13
|
-
[Full Changelog](https://github.com/servian/awskeyring/compare/v1.3.3...v1.4.0)
|
14
|
-
|
15
|
-
**Implemented enhancements:**
|
16
|
-
|
17
|
-
- Import Keys and Tokens from shared credentials files. [\#65](https://github.com/servian/awskeyring/pull/65) ([tristanmorgan](https://github.com/tristanmorgan))
|
18
|
-
|
19
|
-
## [v1.3.3](https://github.com/servian/awskeyring/tree/v1.3.3) (2020-06-04)
|
20
|
-
|
21
|
-
[Full Changelog](https://github.com/servian/awskeyring/compare/v1.3.2...v1.3.3)
|
22
|
-
|
23
|
-
**Implemented enhancements:**
|
24
|
-
|
25
|
-
- Change email references from Vibrato to Servian [\#64](https://github.com/servian/awskeyring/pull/64) ([tristanmorgan](https://github.com/tristanmorgan))
|
26
|
-
|
27
|
-
## [v1.3.2](https://github.com/servian/awskeyring/tree/v1.3.2) (2020-04-27)
|
28
|
-
|
29
|
-
[Full Changelog](https://github.com/servian/awskeyring/compare/v1.3.1...v1.3.2)
|
30
|
-
|
31
|
-
**Fixed bugs:**
|
32
|
-
|
33
|
-
- Fix I18n message load when used as a library. [\#63](https://github.com/servian/awskeyring/pull/63) ([tristanmorgan](https://github.com/tristanmorgan))
|
34
|
-
|
35
|
-
## [v1.3.1](https://github.com/servian/awskeyring/tree/v1.3.1) (2020-03-19)
|
36
|
-
|
37
|
-
[Full Changelog](https://github.com/servian/awskeyring/compare/v1.3.0...v1.3.1)
|
38
|
-
|
39
|
-
**Implemented enhancements:**
|
40
|
-
|
41
|
-
- Markdown linting changes and removed Rubocop-MD. [\#61](https://github.com/servian/awskeyring/pull/61) ([tristanmorgan](https://github.com/tristanmorgan))
|
42
|
-
- Removed some redundant code. [\#60](https://github.com/servian/awskeyring/pull/60) ([tristanmorgan](https://github.com/tristanmorgan))
|
43
|
-
|
44
|
-
**Merged pull requests:**
|
45
|
-
|
46
|
-
- Update Ronn code and PR template. [\#59](https://github.com/servian/awskeyring/pull/59) ([tristanmorgan](https://github.com/tristanmorgan))
|
47
|
-
|
48
|
-
## [v1.3.0](https://github.com/servian/awskeyring/tree/v1.3.0) (2020-02-19)
|
49
|
-
|
50
|
-
[Full Changelog](https://github.com/servian/awskeyring/compare/v1.2.0...v1.3.0)
|
51
|
-
|
52
|
-
**Implemented enhancements:**
|
53
|
-
|
54
|
-
- Add a man-page and tweak README. [\#58](https://github.com/servian/awskeyring/pull/58) ([tristanmorgan](https://github.com/tristanmorgan))
|
55
|
-
- Enhanced version [\#57](https://github.com/servian/awskeyring/pull/57) ([AzySir](https://github.com/AzySir))
|
56
|
-
|
57
|
-
## [v1.2.0](https://github.com/servian/awskeyring/tree/v1.2.0) (2020-01-20)
|
58
|
-
|
59
|
-
[Full Changelog](https://github.com/servian/awskeyring/compare/v1.1.2...v1.2.0)
|
60
|
-
|
61
|
-
**Implemented enhancements:**
|
62
|
-
|
63
|
-
- Check for existing account keys and role arns [\#56](https://github.com/servian/awskeyring/pull/56) ([tristanmorgan](https://github.com/tristanmorgan))
|
64
|
-
|
65
|
-
## [v1.1.2](https://github.com/servian/awskeyring/tree/v1.1.2) (2020-01-06)
|
66
|
-
|
67
|
-
[Full Changelog](https://github.com/servian/awskeyring/compare/v1.1.1...v1.1.2)
|
68
|
-
|
69
|
-
**Fixed bugs:**
|
70
|
-
|
71
|
-
- Deprecation warning for exit\_on\_failure [\#55](https://github.com/servian/awskeyring/pull/55) ([tristanmorgan](https://github.com/tristanmorgan))
|
72
|
-
|
73
|
-
## [v1.1.1](https://github.com/servian/awskeyring/tree/v1.1.1) (2019-11-27)
|
74
|
-
|
75
|
-
[Full Changelog](https://github.com/servian/awskeyring/compare/v1.1.0...v1.1.1)
|
76
|
-
|
77
|
-
**Implemented enhancements:**
|
78
|
-
|
79
|
-
- Add --detail flag for roles. [\#54](https://github.com/servian/awskeyring/pull/54) ([tristanmorgan](https://github.com/tristanmorgan))
|
80
|
-
|
81
|
-
## [v1.1.0](https://github.com/servian/awskeyring/tree/v1.1.0) (2019-11-06)
|
82
|
-
|
83
|
-
[Full Changelog](https://github.com/servian/awskeyring/compare/v1.0.2...v1.1.0)
|
84
|
-
|
85
|
-
**Implemented enhancements:**
|
86
|
-
|
87
|
-
- Add completion to input prompts [\#53](https://github.com/servian/awskeyring/pull/53) ([tristanmorgan](https://github.com/tristanmorgan))
|
88
|
-
- Check for existing \(or not\) role names [\#52](https://github.com/servian/awskeyring/pull/52) ([tristanmorgan](https://github.com/tristanmorgan))
|
89
|
-
|
90
|
-
## [v1.0.2](https://github.com/servian/awskeyring/tree/v1.0.2) (2019-10-18)
|
91
|
-
|
92
|
-
[Full Changelog](https://github.com/servian/awskeyring/compare/v1.0.1...v1.0.2)
|
93
|
-
|
94
|
-
**Implemented enhancements:**
|
95
|
-
|
96
|
-
- Move to a new home, Servian. [\#51](https://github.com/servian/awskeyring/pull/51) ([tristanmorgan](https://github.com/tristanmorgan))
|
97
|
-
- Use RuboCop-RSpec too and expect\(\) more. [\#48](https://github.com/servian/awskeyring/pull/48) ([tristanmorgan](https://github.com/tristanmorgan))
|
98
|
-
|
99
|
-
## [v1.0.1](https://github.com/servian/awskeyring/tree/v1.0.1) (2019-05-23)
|
100
|
-
|
101
|
-
[Full Changelog](https://github.com/servian/awskeyring/compare/v1.0.0...v1.0.1)
|
102
|
-
|
103
|
-
**Implemented enhancements:**
|
104
|
-
|
105
|
-
- auto-complete the --version [\#47](https://github.com/servian/awskeyring/pull/47) ([tristanmorgan](https://github.com/tristanmorgan))
|
106
|
-
|
107
|
-
**Fixed bugs:**
|
108
|
-
|
109
|
-
- Unfreeze secret strings. [\#46](https://github.com/servian/awskeyring/pull/46) ([tristanmorgan](https://github.com/tristanmorgan))
|
110
|
-
|
111
|
-
## [v1.0.0](https://github.com/servian/awskeyring/tree/v1.0.0) (2019-05-19)
|
112
|
-
|
113
|
-
[Full Changelog](https://github.com/servian/awskeyring/compare/v0.10.0...v1.0.0)
|
114
|
-
|
115
|
-
**Implemented enhancements:**
|
116
|
-
|
117
|
-
- More RuboCop changes and tweaked version string. [\#45](https://github.com/servian/awskeyring/pull/45) ([tristanmorgan](https://github.com/tristanmorgan))
|
118
|
-
|
119
|
-
|
120
|
-
|
121
|
-
\* *This Changelog was automatically generated by [github_changelog_generator](https://github.com/github-changelog-generator/github-changelog-generator)*
|
data/CODE_OF_CONDUCT.md
DELETED
@@ -1,73 +0,0 @@
|
|
1
|
-
# Contributor Covenant Code of Conduct
|
2
|
-
|
3
|
-
## Our Pledge
|
4
|
-
|
5
|
-
In the interest of fostering an open and welcoming environment, we as
|
6
|
-
contributors and maintainers pledge to making participation in our project and
|
7
|
-
our community a harassment-free experience for everyone, regardless of age, body
|
8
|
-
size, disability, ethnicity, gender identity and expression, level of experience,
|
9
|
-
education, socio-economic status, nationality, personal appearance, race,
|
10
|
-
religion, or sexual identity and orientation.
|
11
|
-
|
12
|
-
## Our Standards
|
13
|
-
|
14
|
-
Examples of behavior that contributes to creating a positive environment
|
15
|
-
include:
|
16
|
-
|
17
|
-
* Using welcoming and inclusive language
|
18
|
-
* Being respectful of differing viewpoints and experiences
|
19
|
-
* Gracefully accepting constructive criticism
|
20
|
-
* Focusing on what is best for the community
|
21
|
-
* Showing empathy towards other community members
|
22
|
-
|
23
|
-
Examples of unacceptable behavior by participants include:
|
24
|
-
|
25
|
-
* The use of sexualized language or imagery and unwelcome sexual attention or
|
26
|
-
advances
|
27
|
-
* Trolling, insulting/derogatory comments, and personal or political attacks
|
28
|
-
* Public or private harassment
|
29
|
-
* Publishing others' private information, such as a physical or electronic
|
30
|
-
address, without explicit permission
|
31
|
-
* Other conduct which could reasonably be considered inappropriate in a
|
32
|
-
professional setting
|
33
|
-
|
34
|
-
## Our Responsibilities
|
35
|
-
|
36
|
-
Project maintainers are responsible for clarifying the standards of acceptable
|
37
|
-
behavior and are expected to take appropriate and fair corrective action in
|
38
|
-
response to any instances of unacceptable behavior.
|
39
|
-
|
40
|
-
Project maintainers have the right and responsibility to remove, edit, or
|
41
|
-
reject comments, commits, code, wiki edits, issues, and other contributions
|
42
|
-
that are not aligned to this Code of Conduct, or to ban temporarily or
|
43
|
-
permanently any contributor for other behaviors that they deem inappropriate,
|
44
|
-
threatening, offensive, or harmful.
|
45
|
-
|
46
|
-
## Scope
|
47
|
-
|
48
|
-
This Code of Conduct applies both within project spaces and in public spaces
|
49
|
-
when an individual is representing the project or its community. Examples of
|
50
|
-
representing a project or community include using an official project e-mail
|
51
|
-
address, posting via an official social media account, or acting as an appointed
|
52
|
-
representative at an online or offline event. Representation of a project may be
|
53
|
-
further defined and clarified by project maintainers.
|
54
|
-
|
55
|
-
## Enforcement
|
56
|
-
|
57
|
-
Instances of abusive, harassing, or otherwise unacceptable behavior may be
|
58
|
-
reported by contacting the project team at [tristan.morgan@servian.com](mailto:tristan.morgan@servian.com). All
|
59
|
-
complaints will be reviewed and investigated and will result in a response that
|
60
|
-
is deemed necessary and appropriate to the circumstances. The project team is
|
61
|
-
obligated to maintain confidentiality with regard to the reporter of an incident.
|
62
|
-
Further details of specific enforcement policies may be posted separately.
|
63
|
-
|
64
|
-
Project maintainers who do not follow or enforce the Code of Conduct in good
|
65
|
-
faith may face temporary or permanent repercussions as determined by other
|
66
|
-
members of the project's leadership.
|
67
|
-
|
68
|
-
## Attribution
|
69
|
-
|
70
|
-
This Code of Conduct is adapted from the [Contributor Covenant][homepage], version 1.4,
|
71
|
-
available [here](https://www.contributor-covenant.org/version/1/4/code-of-conduct.html)
|
72
|
-
|
73
|
-
[homepage]: https://www.contributor-covenant.org
|
data/CONTRIBUTING.md
DELETED
@@ -1,48 +0,0 @@
|
|
1
|
-
# How to contribute
|
2
|
-
|
3
|
-
Bug reports and pull requests from users are what keep this project working.
|
4
|
-
|
5
|
-
## Basics
|
6
|
-
|
7
|
-
1. Create an issue and describe your idea
|
8
|
-
2. [Fork it](https://github.com/servian/awskeyring/fork)
|
9
|
-
3. Create your feature branch (`git checkout -b my-new-feature`)
|
10
|
-
4. Commit your changes (`git commit -am 'Add some feature'`)
|
11
|
-
5. Publish the branch (`git push origin my-new-feature`)
|
12
|
-
6. Create a new Pull Request
|
13
|
-
|
14
|
-
## Checking your work
|
15
|
-
|
16
|
-
You can run the test suite.
|
17
|
-
|
18
|
-
You can run [RuboCop] to check code style.
|
19
|
-
|
20
|
-
You can run [RSpec] to see if anything broke.
|
21
|
-
|
22
|
-
You can run [YARD] to see of your code is documented.
|
23
|
-
|
24
|
-
The default Rake task, runnable using `rake`.
|
25
|
-
|
26
|
-
## Write documentation
|
27
|
-
|
28
|
-
This project has documentation in a few places:
|
29
|
-
|
30
|
-
### Introduction and usage
|
31
|
-
|
32
|
-
A friendly `README.md` written for many audiences.
|
33
|
-
|
34
|
-
### Examples and advanced usage
|
35
|
-
|
36
|
-
The [wiki].
|
37
|
-
|
38
|
-
### API documentation
|
39
|
-
|
40
|
-
API documentation is written as [YARD] docblocks in the Ruby code.
|
41
|
-
|
42
|
-
This is rendered as Web pages on [Rubydoc.info][awskeyring on Rubydoc.info].
|
43
|
-
|
44
|
-
[wiki]: https://github.com/servian/awskeyring/wiki
|
45
|
-
[YARD]: https://yardoc.org/
|
46
|
-
[awskeyring on Rubydoc.info]: https://www.rubydoc.info/gems/awskeyring
|
47
|
-
[RuboCop]: https://rubocop.readthedocs.io/en/latest/
|
48
|
-
[Rspec]: https://rspec.info
|
data/man/awskeyring.5.ronn
DELETED
@@ -1,138 +0,0 @@
|
|
1
|
-
# Awskeyring -- is a small tool to manage AWS account keys in the macOS Keychain
|
2
|
-
|
3
|
-
## SYNOPSIS
|
4
|
-
|
5
|
-
awskeyring COMMAND [ACCOUNT|ROLE] [OPTIONS]
|
6
|
-
|
7
|
-
awskeyring help COMMAND
|
8
|
-
|
9
|
-
## DESCRIPTION
|
10
|
-
|
11
|
-
The Awskeyring utility stores and manages AWS access keys and provides the facility to generate access tokens with
|
12
|
-
combinations of assumed roles and multi-factor-authentication codes. It includes autocompletion features and multiple
|
13
|
-
validation checks for input parsing. It also includes the ability for the AWS CLI to call it directly to provide authentication.
|
14
|
-
|
15
|
-
The commands are as follows:
|
16
|
-
|
17
|
-
* --version, -v:
|
18
|
-
|
19
|
-
Prints the version
|
20
|
-
|
21
|
-
* add ACCOUNT:
|
22
|
-
|
23
|
-
Adds an ACCOUNT to the keyring
|
24
|
-
|
25
|
-
* add-role ROLE:
|
26
|
-
|
27
|
-
Adds a ROLE to the keyring
|
28
|
-
|
29
|
-
* console ACCOUNT:
|
30
|
-
|
31
|
-
Open the AWS Console for the ACCOUNT
|
32
|
-
|
33
|
-
* env ACCOUNT:
|
34
|
-
|
35
|
-
Outputs bourne shell environment exports for an ACCOUNT
|
36
|
-
|
37
|
-
* exec ACCOUNT command...:
|
38
|
-
|
39
|
-
Execute a COMMAND with the environment set for an ACCOUNT
|
40
|
-
|
41
|
-
* help [COMMAND]:
|
42
|
-
|
43
|
-
Describe available commands or one specific command
|
44
|
-
|
45
|
-
* import:
|
46
|
-
|
47
|
-
Import an ACCOUNT to the keyring from ~/.aws/credentials
|
48
|
-
|
49
|
-
* initialise:
|
50
|
-
|
51
|
-
Initialises a new KEYCHAIN
|
52
|
-
|
53
|
-
* json ACCOUNT:
|
54
|
-
|
55
|
-
Outputs AWS CLI compatible JSON for an ACCOUNT
|
56
|
-
|
57
|
-
* list:
|
58
|
-
|
59
|
-
Prints a list of accounts in the keyring
|
60
|
-
|
61
|
-
* list-role:
|
62
|
-
|
63
|
-
Prints a list of roles in the keyring
|
64
|
-
|
65
|
-
* remove ACCOUNT:
|
66
|
-
|
67
|
-
Removes an ACCOUNT from the keyring
|
68
|
-
|
69
|
-
* remove-role ROLE:
|
70
|
-
|
71
|
-
Removes a ROLE from the keyring
|
72
|
-
|
73
|
-
* remove-token ACCOUNT:
|
74
|
-
|
75
|
-
Removes a token for ACCOUNT from the keyring
|
76
|
-
|
77
|
-
* rotate ACCOUNT:
|
78
|
-
|
79
|
-
Rotate access keys for an ACCOUNT
|
80
|
-
|
81
|
-
* token ACCOUNT [ROLE] [MFA]:
|
82
|
-
|
83
|
-
Create an STS Token from a ROLE or an MFA code
|
84
|
-
|
85
|
-
* update ACCOUNT:
|
86
|
-
|
87
|
-
Updates an ACCOUNT in the keyring
|
88
|
-
|
89
|
-
## ENVIRONMENT
|
90
|
-
|
91
|
-
The AWS_DEFAULT_REGION environment variable will be used for AWS API calls where specified or fall back to us-east-1
|
92
|
-
when not.
|
93
|
-
|
94
|
-
## EXIT STATUS
|
95
|
-
|
96
|
-
The Awskeyring utility exits 0 on success, and >0 if an error occurs.
|
97
|
-
|
98
|
-
## EXAMPLES
|
99
|
-
|
100
|
-
First you need to initialise your keychain to hold your AWS credentials.
|
101
|
-
|
102
|
-
awskeyring initialise
|
103
|
-
|
104
|
-
Then add your keys to it.
|
105
|
-
|
106
|
-
awskeyring add personal-aws
|
107
|
-
|
108
|
-
Now your keys are stored safely in the macOS keychain. To print environment variables run...
|
109
|
-
|
110
|
-
awskeyring env personal-aws
|
111
|
-
|
112
|
-
## HISTORY
|
113
|
-
|
114
|
-
The motivation of this application is to provide a local secure store of AWS
|
115
|
-
credentials using specifically in the macOS Keychain, to have them easily accessed
|
116
|
-
from the Terminal, and to provide useful functions like assuming roles and opening
|
117
|
-
the AWS Console from the cli.
|
118
|
-
For Enterprise environments there are better suited tools to use
|
119
|
-
like [HashiCorp Vault](https://vaultproject.io/).
|
120
|
-
|
121
|
-
## SECURITY
|
122
|
-
|
123
|
-
If you believe you have found a security issue in Awskeyring, please responsibly disclose by contacting me at
|
124
|
-
[tristan.morgan@servian.com](mailto:tristan.morgan@servian.com). Awskeyring is a Ruby script and as such Ruby is whitelisted to
|
125
|
-
access your "awskeyring" keychain. Use a strong password and keep the unlock time short.
|
126
|
-
|
127
|
-
## AUTHOR
|
128
|
-
|
129
|
-
Tristan Morgan <tristan.morgan@servian.com> is the maintainer of Awskeyring.
|
130
|
-
|
131
|
-
## CONTRIBUTORS
|
132
|
-
|
133
|
-
* Tristan [tristanmorgan](https://github.com/tristanmorgan)
|
134
|
-
* Adam Sir [AzySir](https://github.com/AzySir)
|
135
|
-
|
136
|
-
## LICENSE
|
137
|
-
|
138
|
-
The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).
|