aws-mfa
awsume
aws-mfa | awsume | |
---|---|---|
5 | 12 | |
1,009 | 477 | |
- | 0.8% | |
0.0 | 7.5 | |
9 months ago | about 2 months ago | |
Python | Python | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
aws-mfa
-
Script or software that automatically populate specific profile in ~/.aws/credentials
I will tell you that some tools like sceptre and terraform barf using a profile with mfa like this and I ended up using aws-mfa: https://github.com/broamski/aws-mfa and run this for example to create a "dynamic" runamok-power profile:
-
Authenticating to AWS provider
I use MFA so store a long term key that is used to generate a temporary key. I use this tool to do the mfa: https://github.com/broamski/aws-mfa
-
Lockdown AWS API calls to list of IPs
I too, struggled with aws-vault and eventually gave up and use https://github.com/broamski/aws-mfa. If you want to take it one step further you can use oathtool and store the totp key in the encrypted vault of your choice. That is still MFA but if you store the factors on the same system you will need to decide about that risk before going the oathtool route.
-
Amazon Web Service account hacked. Email changed and charged over 10k USD. PLEASE HELP
The built in CLI MFA solution sucks if you have a workflow that relies on named profiles. We use them heavily at work and implemented aws-mfa to make it so that all of our stuff could work without adopting ridiculous workflows.
- Can somebody ELI5 how to setup MFA in the CLI?
awsume
-
Switch & Leapp-cli - AWS session management 100% command line
I have used awsume a long time. Then I got a new Macbook and lost 1/2 hour installing different python versions. So I programmed switchaws in go to get a single executable. And, yes: I declare guilty of the "not invented here" syndrom :) .
-
Script or software that automatically populate specific profile in ~/.aws/credentials
Bonus comment: After setting up your aws credentials, have a look at awsume, which makes rapid switches between accounts and roles a lot easier.. :)
-
Falling for Kubernetes
Has anyone on AWS gotten k9s to work with Awsume [0] authentication?
[0] https://awsu.me/
-
Learning AWS from a GCP Background
Learn how to WORK with AWS well, for instance set up Awsume (https://awsu.me/, install the Switch Roles extension (https://chrome.google.com/webstore/detail/aws-extend-switch-roles/jpmkfafbacpgapdghgdpembnojdlgkdl). Try to make working with it as painless as possible. I went through a long phase of bitching and hating AWS but I've recently just given in.
- Stop putting AWS credentials in the credentials file
- Script for cli commands with MFA and multiple accounts
-
My Most Loved AWS Developer Tools & Resources
Haven’t tried Leapp, not sure how I’d feel about needing to swap to a UI every time. I’m a huge fan of Awsume
-
AWS identity and access management
💡 When working with different accounts and/or roles and enabled MFA, it's recommendable to get some tooling support. I love working with AWSume in this case. It's easy to set up and really intuitive to work with.
-
My favourite CDK parameter for large deployments is...
Together with awsume and cdkstat I can have a terminal dashboard if a want to monitor the deployment on multiple accounts:
- How do you store and manage multiple access keys for your personal accounts?
What are some alternatives?
pyotp - Python One-Time Password Library
aws-vault - A vault for securely storing and accessing AWS credentials in development environments
privacyIDEA - :closed_lock_with_key: multi factor authentication system (2FA, MFA, OTP Server)
saml2aws - CLI tool which enables you to login and retrieve AWS temporary credentials using a SAML IDP
aws-runas - aws-runas rewritten in Go
aws-extend-switch-roles - Extend your AWS IAM switching roles by Chrome extension, Firefox add-on, or Edge add-on
one-time - One Time Password (TOTP and HOTP) library for Clojure. TOTP/HOTP is widely used for Two Factor / Multi Factor Authentication.
terraform - Terraform enables you to safely and predictably create, change, and improve infrastructure. It is a source-available tool that codifies APIs into declarative configuration files that can be shared amongst team members, treated as code, edited, reviewed, and versioned.
ecs-deploy - Powerful CLI tool to simplify Amazon ECS deployments, rollbacks & scaling
aws-toolkit-vscode - Amazon Q, CodeCatalyst, Local Lambda debug, SAM/CFN syntax, ECS Terminal, AWS resources
aws-missing-tools - Random tools I've written to make life easier using AWS, namely aws-choose-profile and aws-mfa-login
k9s - 🐶 Kubernetes CLI To Manage Your Clusters In Style!