Skip to content

A small CLI to help with creating AWS profile for MFA protected sessions

License

Notifications You must be signed in to change notification settings

browniebroke/stsmfa-cli

Repository files navigation

STS MFA CLI

CI Status Test coverage percentage

Poetry Ruff pre-commit

PyPI Version Supported Python versions License


Source Code: https://github.com/browniebroke/stsmfa-cli


Creating temporary profiles for multi-factor auth (MFA) protected accounts using AWS STS is too hard. This is a small CLI that helps with that.

Installation

Via Homebrew:

brew install browniebroke/tap/stsmfa-cli

Via pip, pipx, or your favourite Python package manager:

pip install stsmfa-cli

Usage

The CLI is a simple command stsmfa that creates a profile for a temporary session protected by MFA.

Assuming your ~/.aws/credentials file looks like this:

[my-profile-name]
aws_access_key_id = AKIAXXXXX
aws_secret_access_key = xxxx
mfa_serial = arn:aws:iam::123456789010:mfa/first.last

When running, for example:

stsmfa --profile my-profile-name 123456

This will create a session using the MFA serial defined under my-profile-name with the one-time password 123456, and save the required AWS key, secret and token under as a new profile my-profile-name-mfa in you ~/.aws/credentials file.

Now to use that session, you just need to set AWS_PROFILE=my-profile-name-mfa.

If your MFA serial is defined under the default profile, you don't need to specify the --profile option.

Contributors ✨

Thanks goes to these wonderful people (emoji key):

Bruno Alla
Bruno Alla

💻 🤔 📖

This project follows the all-contributors specification. Contributions of any kind welcome!

Credits

This package was created with Copier and the browniebroke/pypackage-template project template.

About

A small CLI to help with creating AWS profile for MFA protected sessions

Topics

Resources

License

Code of conduct

Stars

Watchers

Forks

Sponsor this project

 

Packages

No packages published