Skip to content
For people who like ponies or poor AWS key hygiene. I think those are the same things.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
index.js Ensure aws-vault sessions don't trigger the pony. Sep 29, 2015
my_little_pony_wallpaper_by_theshadowstone-d7iyp7s.png Make it more better. Sep 28, 2015


Kids, don't just npm install stuff willy nilly. Things you don't expect can happen.

If you're having trouble educating your team about the dangers of leaving credentials in easy to anticipate locations while working in an ecosystem of dependencies that pull dependencies that pull dependencies that no one reviews, try npm install aws-pony --save on some of your projects at work and see if anyone catches the commit.

This is part of our internal education process for AWS Vault, our CLI tool for using STS sessions on amazon safely instead of accidentally leaking power user IAM creds.

Flagrantly disregarding SemVer as was the style at the time.


© 2015 99designs / John Barton

Code: ICS
Wallpaper: Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 License from
You can’t perform that action at this time.