CLI to allow easy aws role assumption.
Assuming roles in AWS via the CLI is clunky with the default tooling. You need to do something like this:
# Assume the role. Man that's a long string to have to paste on the CLI!
aws sts assume-role --role-arn arn:aws:iam::123456789012:role/xaccounts3access --role-session-name s3-access-example
# Now copy the secret key, access key, and token from the output and paste it:
export AWS_ACCESS_KEY_ID=...
export AWS_SECRET_KEY=...
export AWS_SESSION_TOKEN=...
# Okay, NOW you can do stuff using the role....
Before doing this, you need to have the following environment variables exported:
AWS_ACCESS_KEY_IDAWS_SECRET_ACCESS_KEYAWS_MFA_SERIAL-- you only need this if you require MFA for role assumption (which hopefully, you do).AWS_DEFAULT_REGION
I suggest putting these into a ~/.secrets file so you don't type this stuff out all the time.
Once this is done, you can do the following:
- Create a ~/.aws_roles file. It's yaml, and it looks like this:
my_role: arn:aws:iam::123456789012:role/xaccounts3access
my_other_role: arn:aws:iam::2109876312412:otherrole/admin- Assume the role:
# You'll get prompted for your MFA token if necessary:
eval `aws-role -r my_role`
# Now do the things!
aws s3 ls # etc- Oh you want to login to the UI or print out a link? No problem!
# Uses "open" under the hood, only works on OSX:
aws-role -r my_role --ui
# Just print out the url instead of opening it:
aws-role -r my_role --urlgem install aws-roleAfter checking out the repo, run bin/setup to install dependencies. Then, run rake spec to run the tests. You can also run bin/console for an interactive prompt that will allow you to experiment.
To install this gem onto your local machine, run bundle exec rake install. To release a new version, update the version number in version.rb, and then run bundle exec rake release, which will create a git tag for the version, push git commits and tags, and push the .gem file to rubygems.org.
Bug reports and pull requests are welcome on GitHub at https://github.com/sheax0r/aws-role.