Skip to content

cariad/wev-awsmfa

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits

.github

.github

 
 

docs

docs

 
 

wev_awsmfa

wev_awsmfa

 
 

.coveragerc

.coveragerc

 
 

.editorconfig

.editorconfig

 
 

.gitignore

.gitignore

 
 

.yamllint.yml

.yamllint.yml

 
 

LICENSE

LICENSE

 
 

MANIFEST.in

MANIFEST.in

 
 

Pipfile

Pipfile

 
 

Pipfile.lock

Pipfile.lock

 
 

README.md

README.md

 
 

build.sh

build.sh

 
 

pyproject.toml

pyproject.toml

 
 

setup.cfg

setup.cfg

 
 

setup.py

setup.py

 
 

test.sh

test.sh

 
 

Repository files navigation

wev-awsmfa
A wev plugin to support Amazon Web Services multi-factor authentication on the command line

codecov

  • ⚙️ Plugin for wev.
  • 👮 Takes your one-time token and creates a temporary multi-factor authenticated session.
  • 📋 Caches your temporary session to minimise prompts.

asciicast

🔥 The Problem

Say your IAM user policy requires you to verify your identity via multi-factor authentication.

This limits your ability to use the aws CLI because you can't provide MFA tokens with your requests.

wev-awsmfa extends wev to prompt for your one-time tokens and authenticate you automatically.

🎁 Installation

wev-awsmfa requires Python 3.8 or later and wev.

python -m pip install wev
python -m pip install wev-awsmfa

⚙️ Configuration

Filename and location

See wevcli.app/configuration for a detailed guide to wev configuration files.

If in doubt, create your configuration file as wev.yml in your project directory.

Keys

wev-awsmfa must be configured to resolve three environment variables:

Index Description Suggested name
0 AWS access key ID AWS_ACCESS_KEY_ID
1 AWS secret key AWS_SECRET_ACCESS_KEY
2 AWS session token AWS_SESSION_TOKEN

Properties

wev-awsmfa supports two optional properties:

Property Description Default
duration Duration of the temporary session in seconds 900
mfa_device ARN of the multi-factor device to use Attempt to discover automatically.

Examples

Minimal configuration

[AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN]:
  plugin:
    id: wev-awsmfa

30-second sessions

[AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN]:
  plugin:
    id: wev-awsmfa
    duration: 1800
    mfa_device: arn:aws:iam::123456789012:mfa/foo

💻 Usage

Run wev with any command that requires a multi-factor authenticated session.

For example, to run aws s3 ls in a multi-factor authenticated session:

wev aws s3 ls

You'll be prompted to enter your one-time token, then wev will authenticate you and run the command.

More examples:

FAQs 🙋‍♀️

Will wev-awsmfa work with my scripts?

Yes! wev-awsmfa will work with any command line application or script that requires a multi-factor authenticated session

Thank you! 🎉

My name is Cariad, and I'm an independent freelance DevOps engineer.

I'd love to spend more time working on projects like this, but--as a freelancer--my income is sporadic and I need to chase gigs that pay the rent.

If this project has value to you, please consider ☕️ sponsoring me. Sponsorships grant me time to work on your wants rather than someone else's.

Thank you! ❤️

About

A wev plugin to support Amazon Web Services multi-factor authentication on the command line

Topics

multi-factor-authentication

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases 5

1.1.0 Latest
Jan 16, 2021
+ 4 releases

Sponsor this project

 
Learn more about GitHub Sponsors

Languages