This is an experimental library, and is currently unsupported
redyl
handles multi-factor authentication and automatic IAM key rotation for human use of the AWS API.
$ redyl
You should receive a prompt for an MFA code. If it's a good code, redyl
will write rotate your access keys and write updated values to ~/.aws/credentials.
You'll need your credentials files set up in a particular way for this to work:
$ cat ~/.aws/config
[default]
region = us-east-1
# you can find this under Assigned MFA device at https://console.aws.amazon.com/iam/home?#/users/youruser?section=security_credentials
mfa_serial = arn:aws:iam::account_number:mfa/username
$ cat ~/.aws/credentials
# use default_original here, not default - redyl will write temporary credentials to default
[default_original]
aws_access_key_id = YOUR_ACCESS_KEY
aws_secret_access_key = YOUR_SECRET_KEY
If you'd like to use a named profile instead of default
, use the profile
argument. Let's say you're using a named profile called "operations"
redyl --profile=operations
This should work fine as long as you have sections like this in your config and credentials:
$ cat ~/.aws/config
[operations]
region = us-east-1
mfa_serial = arn:aws:iam::account_number:mfa/username
$ cat ~/.aws/credentials
[operations_original]
aws_access_key_id = YOUR_ACCESS_KEY
aws_secret_access_key = YOUR_SECRET_KEY
-
Find the latest release on https://github.com/pbs/redyl/releases and download the binary for your system (look for
darwin
if you're using a mac,linux
orwindows
otherwise). -
Move the binary somewhere in your PATH
mv ~/Downloads/redyl-0.1.0-darwin-amd64 /usr/local/bin/redyl
- Set the executable bit
chmod +x /usr/local/bin/redyl
redyl
should now work, tryredyl version