npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@zommarin/aws-mfa-util

v0.2.1

Published

AWS MFA Credentials Helper

Downloads

5

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

zommarinzommarin

Keywords

AWSMFAcredentials

Readme

AWS MFA Credentials Helper

Codeship Status for zommarin/aws-mfa-util

A utility that implements MFA (Multi Factor Authentication, e.g. the Google Authenticator) support for the AWS CLI as well as applications using AWS APIs. It's purpose is similar to Limes, but it works purely by manipulating the ~/.aws/credentials file (Limes works by emulating the AWS metadata API).

Installation

From npm (recommended)

You need to have Node.js (and npm which is bundled) installed (which optionally can be done using NVM).

Install the package globally using npm:

npm install -g @zommarin/aws-mfa-util

The command should now be available as:

aws-mfa-util --help

Configuration

The utility works using the settings in the ~/.aws/credentials file. It needs to profiles (i.e sections in the file):

  • One that has the account credentials to which an MFA is associated.
    This section has to exists before running the command.
  • One that contains the temporary token.
    This token is given by AWS as a result of presenting a valid MFA generated code.

An example:

[default]
aws_access_key_id=BCTUMHTXNZKSRT8RDLEK
aws_secret_access_key=LDp2llJ7R2Mwc9IpqWZbhahxcZN3nmwpq92
mfa_serial=arn:aws:iam::6372819375:mfa/[email protected]

[mfa]
region=eu-west-1

The [default] section contains the access key and token for the account (as created in the AWS IAM WebUI). Here also the ARN of the MFA device is stated.

Optionally the target section is already present before running the aws-mfa-util where extra configuration can be given (in this case the default region).

Usage

Given the configuration file above you can use your MFA to generate a code, e.g. 123456, and generate credentials in the target section:

aws-mfa-util -c 123456

Which would update the file with credentials in the [mfa] section:

[default]
aws_access_key_id=BCTUMHTXNZKSRT8RDLEK
aws_secret_access_key=LDp2llJ7R2Mwc9IpqWZbhahxcZN3nmwpq92
mfa_serial=arn:aws:iam::6372819375:mfa/[email protected]

[mfa]
region=eu-west-1
aws_access_key_id=WeXC/Z7SPjY/CXGpeQ8Nng
aws_secret_access_key=74vPyestExgdvEmBU+BJfevj3sTaC0RzDRALuhhR
aws_session_token=BNI29w/e1Rh1Um2s/4De++6PNrZ+Gcrnl+s/wPkL2NgfKbD8I08qcsycbfQknWOqkH7f9OqaqExWOsM6f9FB2fqRtzYkXCnjl4k6Ay8q5fYQnsASJciRcqhb0KUFZZERWishybaNpud7gjMTt+QCDFczyL4tRPs+30rVsIrIDiWtjYaZB2Y
region=eu-west-1
expires=2018-10-05T14:48:16.000Z

Now AWS CLI commands as well as AWS API based programs can use the credentials by setting the AWS_PROFILE environment variable:

export AWS_PROFILE=mfa

Usage with Roles

If IAM Roles are used, then they may simply use the MFA created profile by adding the following to the ~/.aws/credentials file:

[my-role-a]
region=eu-west-1
role_arn=arn:aws:iam::6372819375:role/TheRoleA
source_profile=mfa

[my-role-b]
region=eu-west-1
role_arn=arn:aws:iam::6372819375:role/TheRoleB
source_profile=mfa

This way the MFA login may be re-used by the different roles simply by exporting the needed AWS_PROFILE variable:

# Select the TheRoleB role
export AWS_PROFILE=my-role-b