Skip to content
master
Go to file
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

README.md

aws-credential-manager

This command line utility uses two ways of managing aws credentials, to assist those of us who write apps and/or use the AWS CLI with multiple sets of credentials.

Features:

  1. Keeps a list of "stored credentials" using the AWS API's ProfileManager utilities. View, add or remove from this list.
  2. Allows you to set the default credential, using a wrapper for aws configure. Default is indicated on list.
  3. "Push" any stored credential to a named credential, using a wrapper for aws configure.
  4. Whois function allows you to determine the AWS IAM user for any user.

Main menu

=== Stored Credetials ===
client1           AKIAIZZZZZZZZZZZZZZZ
anotherclient     AKIAIYYYYYYYYYYYYYYY  (default)
mm sandbox        AKIAIAAAAAAAAAAAAAAA

A: Add    stored credential
R: Remove stored credential
S: Set    default credential
P: Push   to named credential
W: Whois  IAM user associated named credential
X: Exit

Whois function

Choose credential (use arrows or type): client1
Account: client1
User:    arn:aws:iam::999999999999:user/iamuser1

Add new profile

Profile name: newprofile
Access key: AAAAAAAAAAAAAAAAAAAA
Secret key: BBBBBBBBBBBBBBBBBBBBBBB

Note on default credentials

If one of the credentials listed by the credential manager is called "default", this will be picked up by the AWS API, but NOT by the command line.

To explain, this app stores credentials in two different places:

  1. As "named credentials" - You're setting this any time you choose the default or "push to a named credential". These are plain text (don't shoot the messenger) and are at %USERPROFILE%.aws\credentials. A "default" here is seen by both the CLI and the AWS API.
  2. Using the AWS API's ProfileManager utilities - This is the main list that is displayed, and these are encrypted and stored at %LOCALAPPDATA%/AWSToolkit/RegisteredAccounts.json. If you set a "default" here, it is only seen by the AWS API, but takes priority over the other one.

The simplest solution is to keep only one default: A "named credential" which will be picked up by both the cli and the api.

About

This command line tool provides a single place to manage credentials, a way to quickly switch between default credentials, determine which account a credential refers to, and more.

Resources

Releases

No releases published

Languages

You can’t perform that action at this time.