Skip to content

BrandorrGroup/aws-sudo

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

aws-sudo

Why?

It is often necessary to require Multi Factor Authentication (MFA) when using AWS access tokens or performing certain CLI operations. AWS has documentation on how to do this by issuing expiring access keys using STS. The process is somewhat complex, so this CLI tool automates it for commands that don't have built in support

Installation

npm install -g aws-sudo

Usage

aws-sudo -h
Options:
  --version       Show version number                                  [boolean]
  --token, -t     Token from your MFA device                            [string]
  --duration, -d  Seconds to issue the session token for, defaults to 12 hours
                                                       [number] [default: 43200]
  -h              Show help                                            [boolean]

aws-sudo will prompt you for a token and run your command with the mfa session's env variables set.

aws-sudo node ./list-buckets.js
# Token: 123456
2017-01-24 12:19:38 your-bucket-here
2017-01-24 12:19:38 your-other-bucket-here

The session credentials are cached and checked before running, you'll be prompted for a new code if they expire.

If you don't supply a command it will give you env vars you can eval

aws-sudo
# Token: 123456
AWS_ACCESS_KEY_ID=ABCDEF232423423; export AWS_ACCESS_KEY_ID;
AWS_SECRET_ACCESS_KEY=xxxxxxxxxxxx; export AWS_SECRET_ACCESS_KEY;
AWS_SESSION_TOKEN=xxxxxxxxxxxx; export AWS_SESSION_TOKEN

# to directly eval them
eval $(ssh-agent --token 123456)

About

No description, website, or topics provided.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • JavaScript 100.0%