awskeyring 1.8.2 → 1.8.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +1 -1
- data/i18n/en.yml +19 -36
- data/lib/awskeyring/version.rb +1 -1
- data/lib/awskeyring_command.rb +32 -19
- data/man/awskeyring.5 +28 -2
- metadata +4 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 3ea94b3d72f37d363e05a9d5cbcb7833a4039368b4ebe8f32a0d24b29bdb0e7b
|
4
|
+
data.tar.gz: 358d4bab4128a8e0defa2a1736c4e05820f2ec11e58e4c0c4d29489da94d892e
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 402911d7d34d2f496c245dab3629ed55da0c21d4bd821829258db7221b54aac69fdaee8871984aae308cbe25576e2e6de493b362c8ef22bfc75987e8b0129ec0
|
7
|
+
data.tar.gz: 8dd73f4b26dfcf6173b1d8e8b3db16747110cc49a2bc120df425c789ff7025a93959becb526467393bd33eb832febb66c5fb86f00b1d61eebcd7091b126fbde0
|
data/README.md
CHANGED
@@ -61,7 +61,7 @@ more details on this config option.
|
|
61
61
|
|
62
62
|
The CLI is using [Thor](http://whatisthor.com) with help provided interactively.
|
63
63
|
|
64
|
-
|
64
|
+
Awskeyring commands:
|
65
65
|
awskeyring --version, -v # Prints the version
|
66
66
|
awskeyring add ACCOUNT # Adds an ACCOUNT to the keyring
|
67
67
|
awskeyring add-role ROLE # Adds a ROLE to the keyring
|
data/i18n/en.yml
CHANGED
@@ -1,41 +1,24 @@
|
|
1
1
|
---
|
2
2
|
en:
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
desc: Outputs AWS CLI compatible JSON for an ACCOUNT
|
23
|
-
list:
|
24
|
-
desc: Prints a list of accounts in the keyring
|
25
|
-
list_role:
|
26
|
-
desc: Prints a list of roles in the keyring
|
27
|
-
remove:
|
28
|
-
desc: Removes an ACCOUNT from the keyring
|
29
|
-
remove_role:
|
30
|
-
desc: Removes a ROLE from the keyring
|
31
|
-
remove_token:
|
32
|
-
desc: Removes a token for ACCOUNT from the keyring
|
33
|
-
rotate:
|
34
|
-
desc: Rotate access keys for an ACCOUNT
|
35
|
-
token:
|
36
|
-
desc: Create an STS Token from a ROLE or an MFA code
|
37
|
-
update:
|
38
|
-
desc: Updates an ACCOUNT in the keyring
|
3
|
+
__version_desc: Prints the version
|
4
|
+
add_desc: Adds an ACCOUNT to the keyring
|
5
|
+
add_role_desc: Adds a ROLE to the keyring
|
6
|
+
awskeyring_desc: Autocompletion for bourne shells
|
7
|
+
console_desc: Open the AWS Console for the ACCOUNT
|
8
|
+
default_desc: Run default help or initialise if needed.
|
9
|
+
env_desc: Outputs bourne shell environment exports for an ACCOUNT
|
10
|
+
exec_desc: Execute a COMMAND with the environment set for an ACCOUNT
|
11
|
+
import_desc: Import an ACCOUNT to the keyring from ~/.aws/credentials
|
12
|
+
initialise_desc: Initialises a new KEYCHAIN
|
13
|
+
json_desc: Outputs AWS CLI compatible JSON for an ACCOUNT
|
14
|
+
list_desc: Prints a list of accounts in the keyring
|
15
|
+
list_role_desc: Prints a list of roles in the keyring
|
16
|
+
remove_desc: Removes an ACCOUNT from the keyring
|
17
|
+
remove_role_desc: Removes a ROLE from the keyring
|
18
|
+
remove_token_desc: Removes a token for ACCOUNT from the keyring
|
19
|
+
rotate_desc: Rotate access keys for an ACCOUNT
|
20
|
+
token_desc: Create an STS Token from a ROLE or an MFA code
|
21
|
+
update_desc: Updates an ACCOUNT in the keyring
|
39
22
|
method_option:
|
40
23
|
arn: 'AWS role arn.'
|
41
24
|
code: 'Virtual mfa CODE.'
|
data/lib/awskeyring/version.rb
CHANGED
data/lib/awskeyring_command.rb
CHANGED
@@ -11,6 +11,7 @@ require 'awskeyring/version'
|
|
11
11
|
|
12
12
|
# AWSkeyring command line interface.
|
13
13
|
class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
14
|
+
package_name 'Awskeyring'
|
14
15
|
I18n.load_path = Dir.glob(File.join(File.realpath(__dir__), '..', 'i18n', '*.{yml,yaml}'))
|
15
16
|
I18n.backend.load_translations
|
16
17
|
|
@@ -27,13 +28,24 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
27
28
|
map 'rot' => :rotate
|
28
29
|
map 'tok' => :token
|
29
30
|
map 'up' => :update
|
31
|
+
default_command :default
|
30
32
|
|
31
33
|
# default to returning an error on failure.
|
32
34
|
def self.exit_on_failure?
|
33
35
|
true
|
34
36
|
end
|
35
37
|
|
36
|
-
desc '
|
38
|
+
desc 'default', I18n.t('default_desc'), hide: true
|
39
|
+
# default command to run
|
40
|
+
def default
|
41
|
+
if Awskeyring.prefs.empty?
|
42
|
+
invoke :initialise
|
43
|
+
else
|
44
|
+
invoke :help
|
45
|
+
end
|
46
|
+
end
|
47
|
+
|
48
|
+
desc '--version, -v', I18n.t('__version_desc')
|
37
49
|
method_option 'no-remote', type: :boolean, aliases: '-r', desc: I18n.t('method_option.noremote'), default: false
|
38
50
|
# print the version number
|
39
51
|
def __version
|
@@ -44,7 +56,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
44
56
|
puts "Homepage #{Awskeyring::HOMEPAGE}"
|
45
57
|
end
|
46
58
|
|
47
|
-
desc 'initialise', I18n.t('
|
59
|
+
desc 'initialise', I18n.t('initialise_desc')
|
48
60
|
method_option :keychain, type: :string, aliases: '-n', desc: I18n.t('method_option.keychain')
|
49
61
|
# initialise the keychain
|
50
62
|
def initialise
|
@@ -69,7 +81,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
69
81
|
puts I18n.t('message.addkeychain', keychain: keychain, exec_name: exec_name)
|
70
82
|
end
|
71
83
|
|
72
|
-
desc 'list', I18n.t('
|
84
|
+
desc 'list', I18n.t('list_desc')
|
73
85
|
# list the accounts
|
74
86
|
def list
|
75
87
|
if Awskeyring.list_account_names.empty?
|
@@ -80,7 +92,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
80
92
|
end
|
81
93
|
|
82
94
|
map 'list-role' => :list_role
|
83
|
-
desc 'list-role', I18n.t('
|
95
|
+
desc 'list-role', I18n.t('list_role_desc')
|
84
96
|
method_option 'detail', type: :boolean, aliases: '-d', desc: I18n.t('method_option.detail'), default: false
|
85
97
|
# List roles
|
86
98
|
def list_role
|
@@ -95,7 +107,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
95
107
|
end
|
96
108
|
end
|
97
109
|
|
98
|
-
desc 'env ACCOUNT', I18n.t('
|
110
|
+
desc 'env ACCOUNT', I18n.t('env_desc')
|
99
111
|
method_option 'no-token', type: :boolean, aliases: '-n', desc: I18n.t('method_option.notoken'), default: false
|
100
112
|
method_option 'unset', type: :boolean, aliases: '-u', desc: I18n.t('method_option.unset'), default: false
|
101
113
|
# Print Env vars
|
@@ -113,7 +125,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
113
125
|
end
|
114
126
|
end
|
115
127
|
|
116
|
-
desc 'json ACCOUNT', I18n.t('
|
128
|
+
desc 'json ACCOUNT', I18n.t('json_desc')
|
117
129
|
method_option 'no-token', type: :boolean, aliases: '-n', desc: I18n.t('method_option.notoken'), default: false
|
118
130
|
# Print JSON for use with credential_process
|
119
131
|
def json(account)
|
@@ -130,7 +142,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
130
142
|
)
|
131
143
|
end
|
132
144
|
|
133
|
-
desc 'import ACCOUNT', I18n.t('
|
145
|
+
desc 'import ACCOUNT', I18n.t('import_desc')
|
134
146
|
method_option 'no-remote', type: :boolean, aliases: '-r', desc: I18n.t('method_option.noremote'), default: false
|
135
147
|
# Import an Account
|
136
148
|
def import(account = nil) # rubocop:disable Metrics/MethodLength, Metrics/AbcSize
|
@@ -166,7 +178,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
166
178
|
end
|
167
179
|
end
|
168
180
|
|
169
|
-
desc 'exec ACCOUNT command...', I18n.t('
|
181
|
+
desc 'exec ACCOUNT command...', I18n.t('exec_desc')
|
170
182
|
method_option 'no-token', type: :boolean, aliases: '-n', desc: I18n.t('method_option.notoken'), default: false
|
171
183
|
method_option 'no-bundle', type: :boolean, aliases: '-b', desc: I18n.t('method_option.nobundle'), default: false
|
172
184
|
# execute an external command with env set
|
@@ -188,7 +200,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
188
200
|
end
|
189
201
|
end
|
190
202
|
|
191
|
-
desc 'add ACCOUNT', I18n.t('
|
203
|
+
desc 'add ACCOUNT', I18n.t('add_desc')
|
192
204
|
method_option :key, type: :string, aliases: '-k', desc: I18n.t('method_option.key')
|
193
205
|
method_option :secret, type: :string, aliases: '-s', desc: I18n.t('method_option.secret')
|
194
206
|
method_option :mfa, type: :string, aliases: '-m', desc: I18n.t('method_option.mfa')
|
@@ -219,7 +231,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
219
231
|
puts I18n.t('message.addaccount', account: account)
|
220
232
|
end
|
221
233
|
|
222
|
-
desc 'update ACCOUNT', I18n.t('
|
234
|
+
desc 'update ACCOUNT', I18n.t('update_desc')
|
223
235
|
method_option :key, type: :string, aliases: '-k', desc: I18n.t('method_option.key')
|
224
236
|
method_option :secret, type: :string, aliases: '-s', desc: I18n.t('method_option.secret')
|
225
237
|
method_option 'no-remote', type: :boolean, aliases: '-r', desc: I18n.t('method_option.noremote'), default: false
|
@@ -247,7 +259,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
247
259
|
end
|
248
260
|
|
249
261
|
map 'add-role' => :add_role
|
250
|
-
desc 'add-role ROLE', I18n.t('
|
262
|
+
desc 'add-role ROLE', I18n.t('add_role_desc')
|
251
263
|
method_option :arn, type: :string, aliases: '-a', desc: I18n.t('method_option.arn')
|
252
264
|
# Add a role
|
253
265
|
def add_role(role = nil)
|
@@ -267,7 +279,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
267
279
|
puts I18n.t('message.addrole', role: role)
|
268
280
|
end
|
269
281
|
|
270
|
-
desc 'remove ACCOUNT', I18n.t('
|
282
|
+
desc 'remove ACCOUNT', I18n.t('remove_desc')
|
271
283
|
# Remove an account
|
272
284
|
def remove(account = nil)
|
273
285
|
account = ask_check(
|
@@ -277,7 +289,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
277
289
|
Awskeyring.delete_account(account: account, message: I18n.t('message.delaccount', account: account))
|
278
290
|
end
|
279
291
|
|
280
|
-
desc 'remove-token ACCOUNT', I18n.t('
|
292
|
+
desc 'remove-token ACCOUNT', I18n.t('remove_token_desc')
|
281
293
|
# remove a session token
|
282
294
|
def remove_token(account = nil)
|
283
295
|
account = ask_check(
|
@@ -288,7 +300,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
288
300
|
end
|
289
301
|
|
290
302
|
map 'remove-role' => :remove_role
|
291
|
-
desc 'remove-role ROLE', I18n.t('
|
303
|
+
desc 'remove-role ROLE', I18n.t('remove_role_desc')
|
292
304
|
# remove a role
|
293
305
|
def remove_role(role = nil)
|
294
306
|
role = ask_check(
|
@@ -298,7 +310,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
298
310
|
Awskeyring.delete_role(role_name: role, message: I18n.t('message.delrole', role: role))
|
299
311
|
end
|
300
312
|
|
301
|
-
desc 'rotate ACCOUNT', I18n.t('
|
313
|
+
desc 'rotate ACCOUNT', I18n.t('rotate_desc')
|
302
314
|
# rotate Account keys
|
303
315
|
def rotate(account = nil) # rubocop:disable Metrics/MethodLength
|
304
316
|
account = ask_check(
|
@@ -330,7 +342,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
330
342
|
puts I18n.t('message.upaccount', account: account)
|
331
343
|
end
|
332
344
|
|
333
|
-
desc 'token ACCOUNT [ROLE] [MFA]', I18n.t('
|
345
|
+
desc 'token ACCOUNT [ROLE] [MFA]', I18n.t('token_desc')
|
334
346
|
method_option :role, type: :string, aliases: '-r', desc: I18n.t('method_option.role')
|
335
347
|
method_option :code, type: :string, aliases: '-c', desc: I18n.t('method_option.code')
|
336
348
|
method_option :duration, type: :string, aliases: '-d', desc: I18n.t('method_option.duration')
|
@@ -385,7 +397,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
385
397
|
puts I18n.t('message.addtoken', account: account, time: Time.at(new_creds[:expiry].to_i))
|
386
398
|
end
|
387
399
|
|
388
|
-
desc 'console ACCOUNT', I18n.t('
|
400
|
+
desc 'console ACCOUNT', I18n.t('console_desc')
|
389
401
|
method_option :path, type: :string, aliases: '-p', desc: I18n.t('method_option.path')
|
390
402
|
method_option :browser, type: :string, aliases: '-b', desc: I18n.t('method_option.browser')
|
391
403
|
method_option 'no-token', type: :boolean, aliases: '-n', desc: I18n.t('method_option.notoken'), default: false
|
@@ -424,7 +436,7 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
424
436
|
end
|
425
437
|
end
|
426
438
|
|
427
|
-
desc
|
439
|
+
desc "#{File.basename($PROGRAM_NAME)} CURR PREV", I18n.t('awskeyring_desc'), hide: true
|
428
440
|
map File.basename($PROGRAM_NAME) => :autocomplete
|
429
441
|
# autocomplete
|
430
442
|
def autocomplete(curr, prev)
|
@@ -507,7 +519,8 @@ class AwskeyringCommand < Thor # rubocop:disable Metrics/ClassLength
|
|
507
519
|
end
|
508
520
|
|
509
521
|
def list_commands
|
510
|
-
self.class.all_commands.keys.map { |elem| elem.tr('_', '-') }
|
522
|
+
commands = self.class.all_commands.keys.map { |elem| elem.tr('_', '-') }
|
523
|
+
commands.reject! { |elem| %w[autocomplete default].include?(elem) }
|
511
524
|
end
|
512
525
|
|
513
526
|
def list_arguments(command:)
|
data/man/awskeyring.5
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
.\" generated with Ronn/v0.7.3
|
2
2
|
.\" http://github.com/rtomayko/ronn/tree/0.7.3
|
3
3
|
.
|
4
|
-
.TH "AWSKEYRING" "5" "
|
4
|
+
.TH "AWSKEYRING" "5" "April 2021" "" ""
|
5
5
|
.
|
6
6
|
.SH "NAME"
|
7
7
|
\fBAwskeyring\fR \- is a small tool to manage AWS account keys in the macOS Keychain
|
@@ -267,8 +267,34 @@ awskeyring env personal\-aws
|
|
267
267
|
.
|
268
268
|
.IP "" 0
|
269
269
|
.
|
270
|
+
.P
|
271
|
+
To open the AWS Console (web page) with your default browser simply run\.\.\.
|
272
|
+
.
|
273
|
+
.IP "" 4
|
274
|
+
.
|
275
|
+
.nf
|
276
|
+
|
277
|
+
awskeyring console personal\-aws
|
278
|
+
.
|
279
|
+
.fi
|
280
|
+
.
|
281
|
+
.IP "" 0
|
282
|
+
.
|
283
|
+
.P
|
284
|
+
Autocomplete is enabled in your current shell with the following command\.\.\.
|
285
|
+
.
|
286
|
+
.IP "" 4
|
287
|
+
.
|
288
|
+
.nf
|
289
|
+
|
290
|
+
complete \-C /usr/local/bin/awskeyring awskeyring
|
291
|
+
.
|
292
|
+
.fi
|
293
|
+
.
|
294
|
+
.IP "" 0
|
295
|
+
.
|
270
296
|
.SH "HISTORY"
|
271
|
-
The motivation of this application is to provide a local secure store of AWS credentials using specifically in the macOS Keychain, to have them easily accessed from the Terminal, and to provide useful functions like assuming roles and opening the AWS Console from the cli\. For Enterprise environments there are better suited tools to use like HashiCorp Vault \fIhttps://vaultproject\.io/\fR\.
|
297
|
+
The motivation of this application is to provide a local secure store of AWS credentials using specifically in the macOS Keychain, to have them easily accessed from the Terminal, and to provide useful functions like assuming roles and opening the AWS Console from the cli\. It then expanded to include autocomplete and a desire to have an almost complete test coverage to prevent regressions in its functionality\. For Enterprise environments there are better suited tools to use like HashiCorp Vault \fIhttps://vaultproject\.io/\fR\.
|
272
298
|
.
|
273
299
|
.SH "SECURITY"
|
274
300
|
If you believe you have found a security issue in Awskeyring, please responsibly disclose by contacting me at \fItristan\.morgan@servian\.com\fR\. Awskeyring is a Ruby script and as such Ruby is whitelisted to access your "awskeyring" keychain\. Use a strong password and keep the unlock time short\.
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: awskeyring
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.8.
|
4
|
+
version: 1.8.3
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Tristan Morgan
|
8
8
|
autorequire:
|
9
9
|
bindir: exe
|
10
10
|
cert_chain: []
|
11
|
-
date: 2021-
|
11
|
+
date: 2021-04-26 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: aws-sdk-iam
|
@@ -93,8 +93,8 @@ licenses:
|
|
93
93
|
metadata:
|
94
94
|
bug_tracker_uri: https://github.com/servian/awskeyring/issues
|
95
95
|
changelog_uri: https://github.com/servian/awskeyring/blob/main/CHANGELOG.md
|
96
|
-
documentation_uri: https://rubydoc.info/gems/awskeyring/1.8.
|
97
|
-
source_code_uri: https://github.com/servian/awskeyring/tree/v1.8.
|
96
|
+
documentation_uri: https://rubydoc.info/gems/awskeyring/1.8.3
|
97
|
+
source_code_uri: https://github.com/servian/awskeyring/tree/v1.8.3
|
98
98
|
wiki_uri: https://github.com/servian/awskeyring/wiki
|
99
99
|
post_install_message:
|
100
100
|
rdoc_options: []
|