A simple utility that allows you import a public key into all AWS regions with a single command.
Table of Contents
- AWS Keymaster
Makefile to build
To build a docker container:
docker build -t aws-keymaster .
aws-keymaster, you need to ensure that you have configured access to your AWS account. You can do so by using the AWS CLI to configure your development machine. Alternatively, you can configure credentials by creating a file called
~/.aws/credentials with contents that look something like this:
[default] aws_access_key_id = AKID1234567890 aws_secret_access_key = MY-SECRET-KEY
Or, you can use environment variables to configure your credentials.
Amazon has a blog post with more information about how to configure your AWS credentials.
Usage: aws-keymaster [command] Available Commands: import Imports a public key into all AWS regions delete Deletes a keypair from all AWS regions version Display the version of aws-keymaster Flags: --dry-run[=false]: Checks whether you have the required permissions, without attempting the request -h, --help[=false]: help for aws-keymaster Use "aws-keymaster [command] --help" for more information about a command.
Import a public key into all regions
Imports a public key with the specified name and public key to all AWS regions Usage: aws-keymaster import [name] [public key file] [flags] Global Flags: --dry-run[=false]: Checks whether you have the required permissions, without attempting the request
To import a public key to all regions, you use the
import command. It requires two arguments: the name of the key pair and the path to the public key on your file system.
./bin/aws-keymaster import mykey ~/.ssh/id_rsa.pub eu-west-1: Imported keypair 'mykey' - 57:bf:37:68:69:18:29:aa:4d:da:f7:1b:e6:28:4e:e8 ap-southeast-1: Imported keypair 'mykey' - 57:bf:37:68:69:18:29:aa:4d:da:f7:1b:e6:28:4e:e8 ...
If you do not pass in those arguments,
aws-keymaster will prompt you for them.
./bin/aws-keymaster import Key Name: mypubkey Public key [/Users/ryan/.ssh/id_rsa.pub]: eu-west-1: Imported keypair 'mypubkey' - 57:bf:37:68:69:18:29:aa:4d:da:f7:1b:e6:28:4e:e8 ...
Delete a named keypair from all regions
Deletes a keypair with the specified name from all AWS regions Usage: aws-keymaster delete [name] [flags] Flags: -f, --force[=false]: Delete keypairs without prompting Global Flags: --dry-run[=false]: Checks whether you have the required permissions, without attempting the request
To delete a keypair called
keypairname from all regions, you can use the
./bin/aws-keymaster delete keypairname Are you sure you want to delete keypair 'testing'? (yes/no) [no]: yes eu-west-1: Deleted keypair 'keypairname' ap-southeast-1: Deleted keypair 'keypairname' ...
You can delete a keypair without prompting by using the
./bin/aws-keymaster delete keypairname --force
For both the
delete commands, you can use the
--dry-run flag to confirm that your AWS credentials have the sufficient permissions to perform the operations:
./bin/aws-keymaster import mykey ~/.ssh/id_rsa.pub --dry-run [Dry Run] eu-west-1: Imported keypair 'mykey' [Dry Run] ap-southeast-1: Imported keypair 'mykey' ...
Running from Docker
If you are running
aws-keymaster from a docker container, you will likely need to use a volume mount in order to be able to specify a public key on the local file system. In addition, you may need to use environment variables to pass in your AWS credentials. The example below illustrates how to use the docker container to run the
docker run --rm -it -v ~/.ssh/:/ssh -e "AWS_ACCESS_KEY_ID=AKID1234567890" -e "AWS_SECRET_ACCESS_KEY=MY-SECRET-KEY" ryane/aws-keymaster import dockertest /ssh/id_rsa.pub
aws-keymaster is released under the Apache 2.0 license (see LICENSE)