Note: I recommend https://github.com/99designs/aws-vault instead, and will not be maintaining aws-keychain.
The aim of
aws-keychain is to run commands that require AWS credentials
without ever storing those credentials unencrypted on disk. Mac OS X's keychain
is used for storage, and credentials are passed to commands via the well known
environment variables that all tools look for.
aws-keychain (c) 2014-2015 Paul Annesley MIT license. Store multiple AWS IAM access keys in Mac OS X keychain. Check out one of them at a time into ~/.aws/credentials Manage access keys in Keychain: aws-keychain add <name> <access_key_id> <secret_access_key> aws-keychain add <name> # (interactive prompt for key and secret) aws-keychain ls aws-keychain exec <name> <command ... > aws-keychain rm <name>
aws-keychain to somewhere in your path.
ln -s $(pwd)/aws-keychain /usr/local/bin
If you're using Zsh, copy/symlink
_aws-keychain in an
ln -s $(pwd)/aws-keychain-completion.zsh /usr/local/share/zsh/site-functions/_aws-keychain
If you're using Bash, source
aws-keychain-completion.bash in your
.bashrc or copy/symlink
aws-keychain-completion.bash to your
ln -s $(pwd)/aws-keychain-completion.bash /usr/local/etc/bash_completion.d/aws-keychain-completion.bash
# beware shell history $ aws-keychain add personal AKILNNK8O1KFMIZRQY1J QURSltVBG33e1qUxVhtsDw $ aws-keychain add work Access Key ID: AKIJA9JFOPAKMH9AJPCJ Secret Access Key (hidden): ******** $ aws-keychain ls personal work $ aws-keychain exec personal aws s3 ls 2012-08-22 13:56:43 some-bucket-name 2014-02-12 19:12:31 another-bucket $ aws-keychain rm work password has been deleted. $ aws-keychain ls personal