AWS credentials loader
Ruby Shell
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
bin
lib
spec
.gitignore
.rspec
.rubocop.yml
.travis.yml
Gemfile
LICENSE.txt
README.md
Rakefile
awsecrets.gemspec

README.md

awsecrets Gem Travis

AWS credentials loader

awsecrets config precedence

  1. Command Line Options (Awscreds#load method args OR self optparse)
  2. Environment Variables
  3. YAML file (secrets.yml)
  4. The AWS credentials file
  5. The CLI configuration file

(See http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html#config-settings-and-precedence)

Installation

Add this line to your application's Gemfile:

gem 'awsecrets'

And then execute:

$ bundle

Or install it yourself as:

$ gem install awsecrets

Usage example

Create command line tool ec2sample like following code

#!/usr/bin/env ruby
require 'awsecrets'
Awsecrets.load
ec2_client = Aws::EC2::Client.new
puts ec2_client.describe_instances({ instance_ids: [ARGV.first] }).reservations.first.instances.first

And execute

$ ec2sample i-1aa1aaaa --profile mycreds --region ap-northeast-1

or

$ AWS_ACCESS_KEY_ID=XXXXXXXXXXXXXXXXXXXX AWS_SECRET_ACCESS_KEY=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX AWS_REGION=ap-northeast-1 ec2sample i-1aa1aaaa

or

$ cat <<EOF > secrets.yml
region: ap-northeast-1
aws_access_key_id: XXXXXXXXXXXXXXXXXXXX
aws_secret_access_key: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
EOF
$ ec2sample i-1aa1aaaa

Use AssumeRole

Support role_arn role_session_name source_profile.

1. .aws/config and .aws/credentials

see http://docs.aws.amazon.com/cli/latest/userguide/cli-roles.html

# .aws/config
[profile assumed]
role_arn = arn:aws:iam::123456780912:role/assumed-role
source_profile = assume_test
# .aws/credentials
[assume_test]
aws_access_key_id = XXXXXXXXXXXXXXXXXXXX
aws_secret_access_key = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

And execute

$ ec2sample i-1aa1aaaa --profile assumed --region ap-northeast-1

2. secrets.yml

$ cat <<EOF > secrets.yml
region: ap-northeast-1
aws_access_key_id: XXXXXXXXXXXXXXXXXXXX
aws_secret_access_key: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
role_arn = arn:aws:iam::123456780912:role/assumed-role

And execute

$ ec2sample i-1aa1aaaa

Contributing

  1. Fork it ( https://github.com/k1LoW/awsecrets/fork )
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create a new Pull Request