awssume 0.3.0 → 1.0.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/.gitignore +1 -1
  3. data/README.md +14 -2
  4. data/Rakefile +6 -1
  5. data/lib/awssume.rb +2 -1
  6. data/lib/awssume/adapter/aws_client.rb +4 -1
  7. data/lib/awssume/configuration.rb +2 -1
  8. data/lib/awssume/version.rb +1 -1
  9. metadata +13 -13
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 17c2f5df473de43d443a7dc2774415683c458cbc
4
- data.tar.gz: f0becdfff548d13be22f5c520f3cfc0061e147b1
3
+ metadata.gz: f5b2f4724c8cf4695843ee6682235531f3baf7ec
4
+ data.tar.gz: 97de699e604d22c9d6ce0f517e2d1f312f9e7727
5
5
  SHA512:
6
- metadata.gz: eebeef825ab3c35b834a9fb2c04aa94467802241c77a0bcb52cd2a6b26b0187f5275370b9f5007a3e3cb4e02b3ed3e3fac9fb1a44cc38148b6cab78c8db15a53
7
- data.tar.gz: db803f864564ba657b708ac774f919bc03d5b7c86aee47b097375e482fc1f249f572592239047c749fa28a84692bbe037bb83e8498145350f9b149cde26b5fa6
6
+ metadata.gz: f8082eede35e521f86bb281d709169ae91cbf365dd92c0b48db4288774b522f1c37d4a09d2d79968476fce50b88fbec8588175ccc94773e558657f4dadae4abb
7
+ data.tar.gz: b67343095b3e9f89246a142d79087fda0b29b086570e1aad8af335792e6dd9e93bfd769d7f313738fcb1c0ecaa713ae824f4b3943cc1695772ad16f9acb933fc
data/.gitignore CHANGED
@@ -7,4 +7,4 @@
7
7
  /pkg/
8
8
  /spec/reports/
9
9
  /tmp/
10
- /vendor/bundle/
10
+ /vendor/
data/README.md CHANGED
@@ -48,7 +48,7 @@ You can configure env vars to authenticate with AWS:
48
48
  ```
49
49
 
50
50
  If AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY aren't set then other
51
- authentication options are checked(such as instance profiles). This is
51
+ authentication options are checked (such as instance profiles). This is
52
52
  functionality provided by the aws-sdk.
53
53
 
54
54
  ```
@@ -67,7 +67,7 @@ functionality provided by the aws-sdk.
67
67
  There are scenarios where you might want to [use an external id][aws_ext_id]
68
68
  in a condition on your assume role policy. For such cases, the gem will look
69
69
  for the ``AWS_ROLE_EXTERNAL_ID`` variable in your environment. If this variable
70
- is set the value will be sent allong in the STS Assume Role request.
70
+ is set the value will be sent along in the STS Assume Role request.
71
71
 
72
72
  ```
73
73
  $ AWS_ROLE_ARN=arn::aws::iam::123456789012:role/RoletoAssume \
@@ -77,6 +77,18 @@ is set the value will be sent allong in the STS Assume Role request.
77
77
 
78
78
  [aws_ext_id]: http://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html
79
79
 
80
+ It's also possible to request credentials that
81
+ [last longer than the default of one hour](https://aws.amazon.com/about-aws/whats-new/2018/03/longer-role-sessions/)
82
+ if the role you're assuming is configured to support them (``MaxSessionDuration``
83
+ greater than 3600 seconds). Here's an example of assuming 12-hour (43200 second; the maximum)
84
+ credentials for a _really_ long-running command:
85
+
86
+ ```
87
+ $ AWS_ROLE_ARN=arn::aws::iam::123456789012:role/RoletoAssume \
88
+ AWS_ROLE_DURATION_SECONDS=43200 \
89
+ awssume really-long-running-command
90
+ ```
91
+
80
92
  ## Development
81
93
 
82
94
  After checking out the repo, run `bin/setup` to install dependencies. Then, run
data/Rakefile CHANGED
@@ -3,4 +3,9 @@ require "rspec/core/rake_task"
3
3
 
4
4
  RSpec::Core::RakeTask.new(:spec)
5
5
 
6
- task :default => :spec
6
+ task :default => [:help]
7
+
8
+ desc "Display the list of available rake tasks"
9
+ task :help do
10
+ system("rake -T")
11
+ end
data/lib/awssume.rb CHANGED
@@ -11,7 +11,8 @@ module Awssume
11
11
  region: config.region,
12
12
  role_arn: config.role_arn,
13
13
  role_session_name: config.role_session_name,
14
- external_id: config.external_id
14
+ external_id: config.external_id,
15
+ duration_seconds: config.duration_seconds,
15
16
  )
16
17
  aws_env = {
17
18
  'AWS_REGION' => config.region,
data/lib/awssume/adapter/aws_client.rb CHANGED
@@ -24,10 +24,13 @@ module Awssume
24
24
  p = {
25
25
  role_arn: config[:role_arn],
26
26
  role_session_name: role_session_name,
27
- external_id: config[:external_id]
27
+ external_id: config[:external_id],
28
+ duration_seconds: config[:duration_seconds],
28
29
  }
29
30
 
30
31
  p.delete(:external_id) unless p[:external_id]
32
+ p.delete(:duration_seconds) \
33
+ if p[:duration_seconds].nil? || p[:duration_seconds] == 0
31
34
 
32
35
  p
33
36
  end
data/lib/awssume/configuration.rb CHANGED
@@ -19,7 +19,8 @@ module Awssume
19
19
  # The utility will function without issue if an optional value is missing
20
20
  def self.options
21
21
  {
22
- external_id: ENV['AWS_ROLE_EXTERNAL_ID']
22
+ external_id: ENV['AWS_ROLE_EXTERNAL_ID'],
23
+ duration_seconds: ENV['AWS_ROLE_DURATION_SECONDS'].to_i
23
24
  }
24
25
  end
25
26
 
data/lib/awssume/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module Awssume
2
- VERSION = "0.3.0"
2
+ VERSION = "1.0.0"
3
3
  end
metadata CHANGED
@@ -1,55 +1,55 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: awssume
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.3.0
4
+ version: 1.0.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - reppard
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2016-10-14 00:00:00.000000000 Z
11
+ date: 2018-08-01 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rake
15
15
  requirement: !ruby/object:Gem::Requirement
16
16
  requirements:
17
- - - ~>
17
+ - - "~>"
18
18
  - !ruby/object:Gem::Version
19
19
  version: '10.0'
20
20
  type: :development
21
21
  prerelease: false
22
22
  version_requirements: !ruby/object:Gem::Requirement
23
23
  requirements:
24
- - - ~>
24
+ - - "~>"
25
25
  - !ruby/object:Gem::Version
26
26
  version: '10.0'
27
27
  - !ruby/object:Gem::Dependency
28
28
  name: rspec
29
29
  requirement: !ruby/object:Gem::Requirement
30
30
  requirements:
31
- - - '>='
31
+ - - ">="
32
32
  - !ruby/object:Gem::Version
33
33
  version: '0'
34
34
  type: :development
35
35
  prerelease: false
36
36
  version_requirements: !ruby/object:Gem::Requirement
37
37
  requirements:
38
- - - '>='
38
+ - - ">="
39
39
  - !ruby/object:Gem::Version
40
40
  version: '0'
41
41
  - !ruby/object:Gem::Dependency
42
42
  name: aws-sdk
43
43
  requirement: !ruby/object:Gem::Requirement
44
44
  requirements:
45
- - - '>='
45
+ - - ">="
46
46
  - !ruby/object:Gem::Version
47
47
  version: '0'
48
48
  type: :runtime
49
49
  prerelease: false
50
50
  version_requirements: !ruby/object:Gem::Requirement
51
51
  requirements:
52
- - - '>='
52
+ - - ">="
53
53
  - !ruby/object:Gem::Version
54
54
  version: '0'
55
55
  description: This is a gem for assuming an AWS IAM role and using the returned temporary
@@ -61,8 +61,8 @@ executables:
61
61
  extensions: []
62
62
  extra_rdoc_files: []
63
63
  files:
64
- - .gitignore
65
- - .rspec
64
+ - ".gitignore"
65
+ - ".rspec"
66
66
  - Gemfile
67
67
  - LICENSE.txt
68
68
  - README.md
@@ -87,17 +87,17 @@ require_paths:
87
87
  - lib
88
88
  required_ruby_version: !ruby/object:Gem::Requirement
89
89
  requirements:
90
- - - '>='
90
+ - - ">="
91
91
  - !ruby/object:Gem::Version
92
92
  version: '0'
93
93
  required_rubygems_version: !ruby/object:Gem::Requirement
94
94
  requirements:
95
- - - '>='
95
+ - - ">="
96
96
  - !ruby/object:Gem::Version
97
97
  version: '0'
98
98
  requirements: []
99
99
  rubyforge_project:
100
- rubygems_version: 2.0.14.1
100
+ rubygems_version: 2.4.8
101
101
  signing_key:
102
102
  specification_version: 4
103
103
  summary: Assume a role, do a thing.