Skip to content

Assume cross-account AWS IAM roles for sub commands

Notifications You must be signed in to change notification settings

mikljohansson/awsu

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Assume AWS IAM role

Travis CI

Assumes an IAM role and passes the temporary credentials to another command or shell.

If you manage multiple AWS accounts and use IAM role switching to perform work in them, this would allow you to use tools like Terraform, Docker Machine or Vagrant in the accounts. Cross account IAM role switching is described at

Usage

Assume a AWS IAM role and execute a command or shell. If no command is given an interactive
shell will be started with the credentials supplied as environment variables.

Usage:
  awsu IAMRoleARN [command] [args]... [flags]

Flags:
      --duration int   Expiration time in seconds for the temporary credentials (default 900)

Installation

See the releases page for version numbers

sudo sh -c 'curl -fsSLo /usr/bin/awsu "https://github.com/mikljohansson/awsu/releases/download/AWSU_VERSION/awsu-`uname -s`-`uname -m`" && chmod +x /usr/bin/awsu'

If you have Golang installed you could also install from source like

go get github.com/mikljohansson/awsu

Quick Access

It could be useful to setup ~/.bash_aliases for roles in different accounts

# Enable prompt postfix
if [[ -n "$PROMPT_POSTFIX" ]]; then
    PS1="${PS1}${PROMPT_POSTFIX}\$ "
fi

# Easy color customization at http://ezprompt.net/
alias ondev='env PROMPT_POSTFIX="\[\e[1;32m\]<dev>\[\e[m\]" awsu arn:aws:iam::123456789:role/Developer'
alias onstaging='env PROMPT_POSTFIX="\[\e[1;33m\]<staging>\[\e[m\]" awsu arn:aws:iam::678912345:role/Developer'
alias onproduction='env PROMPT_POSTFIX="\[\e[1;31m\]<production>\[\e[m\]" awsu arn:aws:iam::891234567:role/Developer'

For example

$ ondev terraform plan
...

$ ondev docker-machine create --driver amazonec2 ...
...

Or to drop into an interactive shell

$ onstaging
<staging>$ terraform plan
...

<staging>$ terraform apply
...

Inspired by

About

Assume cross-account AWS IAM roles for sub commands

Resources

Stars

Watchers

Forks

Packages

No packages published