awskeyring 1.8.4 → 1.8.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +18 -18
- data/i18n/en.yml +1 -1
- data/lib/awskeyring/version.rb +1 -1
- data/lib/awskeyring_command.rb +35 -11
- data/man/awskeyring.5 +3 -3
- metadata +4 -4
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: df8b15491f307691db7f25727bdc12f5a90ba71b816e6b14b14a71bdbd53c594
|
|
4
|
+
data.tar.gz: af3cc61ea5c8c44025254b5fb9a90a087e67a2c556f7391006acc188ab5be214
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: c20ade29e6499e0fa836cb7532dd1dd8776659ed7c3e69cc905c6ea34ae5a46b3af24320a94781996af7cdbb0cc4e69fabe86259d7aaa99048b577c5a9a09208
|
|
7
|
+
data.tar.gz: 547a0ad97e0e38b7b6e61d7b8275ab75c18a114d83a540de293c410cd4835f4a429bf829863e62fce4c8350ece488d0d4d4a0571c17b9e1a0b97b4416eaa51e2
|
data/README.md
CHANGED
|
@@ -62,24 +62,24 @@ more details on this config option.
|
|
|
62
62
|
The CLI is using [Thor](http://whatisthor.com) with help provided interactively.
|
|
63
63
|
|
|
64
64
|
Awskeyring commands:
|
|
65
|
-
awskeyring --version, -v
|
|
66
|
-
awskeyring add ACCOUNT
|
|
67
|
-
awskeyring add-role ROLE
|
|
68
|
-
awskeyring console ACCOUNT
|
|
69
|
-
awskeyring env ACCOUNT
|
|
70
|
-
awskeyring exec ACCOUNT command...
|
|
71
|
-
awskeyring help [COMMAND]
|
|
72
|
-
awskeyring import ACCOUNT
|
|
73
|
-
awskeyring initialise
|
|
74
|
-
awskeyring json ACCOUNT
|
|
75
|
-
awskeyring list
|
|
76
|
-
awskeyring list-role
|
|
77
|
-
awskeyring remove ACCOUNT
|
|
78
|
-
awskeyring remove-role ROLE
|
|
79
|
-
awskeyring remove-token ACCOUNT
|
|
80
|
-
awskeyring rotate ACCOUNT
|
|
81
|
-
awskeyring token ACCOUNT [ROLE] [
|
|
82
|
-
awskeyring update ACCOUNT
|
|
65
|
+
awskeyring --version, -v # Prints the version
|
|
66
|
+
awskeyring add ACCOUNT # Adds an ACCOUNT to the keyring
|
|
67
|
+
awskeyring add-role ROLE # Adds a ROLE to the keyring
|
|
68
|
+
awskeyring console ACCOUNT # Open the AWS Console for the ACCOUNT
|
|
69
|
+
awskeyring env ACCOUNT # Outputs bourne shell environment exports for an ACCOUNT
|
|
70
|
+
awskeyring exec ACCOUNT command... # Execute a COMMAND with the environment set for an ACCOUNT
|
|
71
|
+
awskeyring help [COMMAND] # Describe available commands or one specific command
|
|
72
|
+
awskeyring import ACCOUNT # Import an ACCOUNT to the keyring from ~/.aws/credentials
|
|
73
|
+
awskeyring initialise # Initialises a new KEYCHAIN
|
|
74
|
+
awskeyring json ACCOUNT # Outputs AWS CLI compatible JSON for an ACCOUNT
|
|
75
|
+
awskeyring list # Prints a list of accounts in the keyring
|
|
76
|
+
awskeyring list-role # Prints a list of roles in the keyring
|
|
77
|
+
awskeyring remove ACCOUNT # Removes an ACCOUNT from the keyring
|
|
78
|
+
awskeyring remove-role ROLE # Removes a ROLE from the keyring
|
|
79
|
+
awskeyring remove-token ACCOUNT # Removes a token for ACCOUNT from the keyring
|
|
80
|
+
awskeyring rotate ACCOUNT # Rotate access keys for an ACCOUNT
|
|
81
|
+
awskeyring token ACCOUNT [ROLE] [CODE] # Create an STS Token from a ROLE or an mfa CODE
|
|
82
|
+
awskeyring update ACCOUNT # Updates an ACCOUNT in the keyring
|
|
83
83
|
|
|
84
84
|
and autocomplete that can be installed with:
|
|
85
85
|
|
data/i18n/en.yml
CHANGED
|
@@ -17,7 +17,7 @@ en:
|
|
|
17
17
|
remove_role_desc: Removes a ROLE from the keyring
|
|
18
18
|
remove_token_desc: Removes a token for ACCOUNT from the keyring
|
|
19
19
|
rotate_desc: Rotate access keys for an ACCOUNT
|
|
20
|
-
token_desc: Create an STS Token from a ROLE or an
|
|
20
|
+
token_desc: Create an STS Token from a ROLE or an mfa CODE
|
|
21
21
|
update_desc: Updates an ACCOUNT in the keyring
|
|
22
22
|
method_option:
|
|
23
23
|
arn: 'AWS role arn.'
|
data/lib/awskeyring/version.rb
CHANGED
data/lib/awskeyring_command.rb
CHANGED
|
@@ -335,7 +335,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
|
335
335
|
puts I18n.t('message.upaccount', account: account)
|
|
336
336
|
end
|
|
337
337
|
|
|
338
|
-
desc 'token ACCOUNT [ROLE] [
|
|
338
|
+
desc 'token ACCOUNT [ROLE] [CODE]', I18n.t('token_desc')
|
|
339
339
|
method_option :code, type: :string, aliases: '-c', desc: I18n.t('method_option.code')
|
|
340
340
|
method_option :duration, type: :string, aliases: '-d', desc: I18n.t('method_option.duration')
|
|
341
341
|
# generate a sessiopn token
|
|
@@ -430,7 +430,8 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
|
430
430
|
desc "#{File.basename($PROGRAM_NAME)} CURR PREV", I18n.t('awskeyring_desc'), hide: true
|
|
431
431
|
map File.basename($PROGRAM_NAME) => :autocomplete
|
|
432
432
|
# autocomplete
|
|
433
|
-
def autocomplete(curr, prev)
|
|
433
|
+
def autocomplete(curr, prev = nil)
|
|
434
|
+
curr, prev = fix_args(curr, prev)
|
|
434
435
|
comp_line = ENV['COMP_LINE']
|
|
435
436
|
comp_point_str = ENV['COMP_POINT']
|
|
436
437
|
unless comp_line && comp_point_str
|
|
@@ -448,16 +449,16 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
|
448
449
|
|
|
449
450
|
private
|
|
450
451
|
|
|
451
|
-
|
|
452
|
-
|
|
453
|
-
|
|
454
|
-
|
|
455
|
-
|
|
456
|
-
|
|
457
|
-
|
|
458
|
-
cred
|
|
452
|
+
# when a double dash is parsed it is dropped from the args but we need it
|
|
453
|
+
def fix_args(curr, prev)
|
|
454
|
+
if prev.nil?
|
|
455
|
+
[ARGV[1], ARGV[2]]
|
|
456
|
+
else
|
|
457
|
+
[curr, prev]
|
|
458
|
+
end
|
|
459
459
|
end
|
|
460
460
|
|
|
461
|
+
# determine the type of completion needed
|
|
461
462
|
def comp_type(comp_lines:, prev:)
|
|
462
463
|
sub_cmd = sub_command(comp_lines)
|
|
463
464
|
comp_idx = comp_lines.rindex(prev)
|
|
@@ -475,8 +476,10 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
|
475
476
|
[comp_type, sub_cmd]
|
|
476
477
|
end
|
|
477
478
|
|
|
479
|
+
# check params for named params or fall back to flags
|
|
478
480
|
def param_type(comp_idx, sub_cmd)
|
|
479
|
-
|
|
481
|
+
types = %i[opt req]
|
|
482
|
+
param_list = method(sub_cmd).parameters.select { |elem| types.include? elem[0] }
|
|
480
483
|
if comp_idx.zero?
|
|
481
484
|
:command
|
|
482
485
|
elsif comp_idx > param_list.length
|
|
@@ -486,6 +489,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
|
486
489
|
end
|
|
487
490
|
end
|
|
488
491
|
|
|
492
|
+
# catch the command from prefixes and aliases
|
|
489
493
|
def sub_command(comp_lines)
|
|
490
494
|
return '' if comp_lines.nil? || comp_lines.length < 2
|
|
491
495
|
|
|
@@ -498,6 +502,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
|
498
502
|
self.class.map[sub_cmd].to_s
|
|
499
503
|
end
|
|
500
504
|
|
|
505
|
+
# given a type return the right list for completions
|
|
501
506
|
def fetch_auto_resp(comp_type, sub_cmd)
|
|
502
507
|
case comp_type
|
|
503
508
|
when :command
|
|
@@ -517,11 +522,13 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
|
517
522
|
end
|
|
518
523
|
end
|
|
519
524
|
|
|
525
|
+
# list command names
|
|
520
526
|
def list_commands
|
|
521
527
|
commands = self.class.all_commands.keys.map { |elem| elem.tr('_', '-') }
|
|
522
528
|
commands.reject! { |elem| %w[autocomplete default].include?(elem) }
|
|
523
529
|
end
|
|
524
530
|
|
|
531
|
+
# list flags for a command
|
|
525
532
|
def list_arguments(command:)
|
|
526
533
|
options = self.class.all_commands[command].options.values
|
|
527
534
|
exit 1 if options.empty?
|
|
@@ -530,18 +537,32 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
|
530
537
|
options.map(&:switch_name)
|
|
531
538
|
end
|
|
532
539
|
|
|
540
|
+
# add warning about old keys
|
|
541
|
+
def age_check_and_get(account:, no_token:)
|
|
542
|
+
cred = Awskeyring.get_valid_creds(account: account, no_token: no_token)
|
|
543
|
+
|
|
544
|
+
maxage = Awskeyring.key_age
|
|
545
|
+
age = (Time.new - cred[:updated]).div Awskeyring::Awsapi::ONE_DAY
|
|
546
|
+
warn I18n.t('message.age_check', account: account, age: age) unless age < maxage
|
|
547
|
+
|
|
548
|
+
cred
|
|
549
|
+
end
|
|
550
|
+
|
|
551
|
+
# print exports from map
|
|
533
552
|
def put_env_string(cred)
|
|
534
553
|
env_var = Awskeyring::Awsapi.get_env_array(cred)
|
|
535
554
|
env_var.each { |var, value| puts "export #{var}=\"#{value}\"" }
|
|
536
555
|
Awskeyring::Awsapi::AWS_ENV_VARS.each { |key| puts "unset #{key}" unless env_var.key?(key) }
|
|
537
556
|
end
|
|
538
557
|
|
|
558
|
+
# select duration for sts token types
|
|
539
559
|
def default_duration(duration, role, code)
|
|
540
560
|
duration ||= Awskeyring::Awsapi::ONE_HOUR.to_s if role
|
|
541
561
|
duration ||= Awskeyring::Awsapi::TWELVE_HOUR.to_s if code
|
|
542
562
|
duration || Awskeyring::Awsapi::ONE_HOUR.to_s
|
|
543
563
|
end
|
|
544
564
|
|
|
565
|
+
# ask and validate input values.
|
|
545
566
|
def ask_check(existing:, message:, flags: nil, validator: nil, limited_to: nil) # rubocop:disable Metrics/MethodLength
|
|
546
567
|
retries ||= 3
|
|
547
568
|
begin
|
|
@@ -562,10 +583,12 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
|
562
583
|
value
|
|
563
584
|
end
|
|
564
585
|
|
|
586
|
+
# ask for somthinng if its missing.
|
|
565
587
|
def ask_missing(existing:, message:, secure: false, optional: false, limited_to: nil)
|
|
566
588
|
existing || ask(message: message, secure: secure, optional: optional, limited_to: limited_to).strip
|
|
567
589
|
end
|
|
568
590
|
|
|
591
|
+
# ask in different ways
|
|
569
592
|
def ask(message:, secure: false, optional: false, limited_to: nil)
|
|
570
593
|
if secure
|
|
571
594
|
Awskeyring::Input.read_secret("#{message.rjust(20)}: ")
|
|
@@ -578,6 +601,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
|
578
601
|
end
|
|
579
602
|
end
|
|
580
603
|
|
|
604
|
+
# undo Bundler env vars
|
|
581
605
|
def unbundle
|
|
582
606
|
to_delete = ENV.keys.select { |elem| elem.start_with?('BUNDLER_ORIG_') }
|
|
583
607
|
bundled_env = to_delete.map { |elem| elem[('BUNDLER_ORIG_'.length)..] }
|
data/man/awskeyring.5
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
|
3
3
|
.
|
|
4
|
-
.TH "AWSKEYRING" "5" "
|
|
4
|
+
.TH "AWSKEYRING" "5" "June 2021" "" ""
|
|
5
5
|
.
|
|
6
6
|
.SH "NAME"
|
|
7
7
|
\fBAwskeyring\fR \- is a small tool to manage AWS account keys in the macOS Keychain
|
|
@@ -189,10 +189,10 @@ rotate ACCOUNT:
|
|
|
189
189
|
Rotate access keys for an ACCOUNT
|
|
190
190
|
.
|
|
191
191
|
.TP
|
|
192
|
-
token ACCOUNT [ROLE] [
|
|
192
|
+
token ACCOUNT [ROLE] [CODE]:
|
|
193
193
|
.
|
|
194
194
|
.IP
|
|
195
|
-
Create an STS Token from a ROLE or an
|
|
195
|
+
Create an STS Token from a ROLE or an mfa CODE
|
|
196
196
|
.
|
|
197
197
|
.br
|
|
198
198
|
.
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: awskeyring
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.8.
|
|
4
|
+
version: 1.8.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tristan Morgan
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: exe
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2021-
|
|
11
|
+
date: 2021-06-29 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: aws-sdk-iam
|
|
@@ -93,8 +93,8 @@ licenses:
|
|
|
93
93
|
metadata:
|
|
94
94
|
bug_tracker_uri: https://github.com/servian/awskeyring/issues
|
|
95
95
|
changelog_uri: https://github.com/servian/awskeyring/blob/main/CHANGELOG.md
|
|
96
|
-
documentation_uri: https://rubydoc.info/gems/awskeyring/1.8.
|
|
97
|
-
source_code_uri: https://github.com/servian/awskeyring/tree/v1.8.
|
|
96
|
+
documentation_uri: https://rubydoc.info/gems/awskeyring/1.8.5
|
|
97
|
+
source_code_uri: https://github.com/servian/awskeyring/tree/v1.8.5
|
|
98
98
|
wiki_uri: https://github.com/servian/awskeyring/wiki
|
|
99
99
|
post_install_message:
|
|
100
100
|
rdoc_options: []
|