{"id":16307141,"url":"https://github.com/fujiwara/aswrap","last_synced_at":"2025-03-22T20:33:24.980Z","repository":{"id":66794775,"uuid":"114005023","full_name":"fujiwara/aswrap","owner":"fujiwara","description":"AWS assume role credential wrapper","archived":false,"fork":false,"pushed_at":"2023-10-30T03:09:13.000Z","size":65,"stargazers_count":22,"open_issues_count":0,"forks_count":2,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-03-01T18:22:06.009Z","etag":null,"topics":["aws","perl"],"latest_commit_sha":null,"homepage":null,"language":"Perl","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/fujiwara.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-12-12T15:13:11.000Z","updated_at":"2024-11-14T09:43:52.000Z","dependencies_parsed_at":"2024-10-28T14:28:45.233Z","dependency_job_id":"9fb1be6e-f243-4a2f-a641-9bc83acb356b","html_url":"https://github.com/fujiwara/aswrap","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fujiwara%2Faswrap","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fujiwara%2Faswrap/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fujiwara%2Faswrap/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fujiwara%2Faswrap/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/fujiwara","download_url":"https://codeload.github.com/fujiwara/aswrap/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244236373,"owners_count":20420793,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","perl"],"created_at":"2024-10-10T21:12:40.704Z","updated_at":"2025-03-22T20:33:24.542Z","avatar_url":"https://github.com/fujiwara.png","language":"Perl","funding_links":[],"categories":[],"sub_categories":[],"readme":"# aswrap\n\nAWS assume role credential wrapper.\n\n## Description\n\naswrap is useful for some commands which couldn't resolve an assume role credentials in ~/.aws/credentials and IAM Identity Center credentials cache.\n\nFor example,\n\n- Implemented with [aws-sdk-go](https://github.com/aws/aws-sdk-go)\n- [Terraform](https://www.terraform.io/)\n- [Packer](https://www.packer.io/)\n- etc.\n\n## Install\n\nPlace a `aswrap` command to your PATH and set an executable flag.\n\n```console\n$ curl -Lso path/to/aswrap https://github.com/fujiwara/aswrap/releases/download/v0.0.3/aswrap \u0026\u0026 chmod +x path/to/aswrap\n```\n\nOr use Homebrew.\n\n```console\n$ brew install fujiwara/tap/aswrap\n```\n\n## Usage\n\nfor Assume Role.\n```ini\n# ~/.aws/credentials\n\n[my-profile]\naws_access_key_id=XXX\naws_secret_access_key=YYY\n\n[foo]\nregion=ap-northeast-1\nsource_profile=my-profile\nrole_arn=arn:aws:iam::999999999999:role/MyRole\n```\n\nfor IAM Identity Center.\n\n```ini\n# ~/.aws/config\n\n[profile foo]\nsso_start_url = https://example.awsapps.com/start\nsso_region = ap-northeast-1\nsso_account_id = 123456789012\nsso_role_name = myrole\nregion = ap-northeast-1\n```\n\n### As command wrapper\n\n```console\n$ AWS_PROFILE=foo aswrap some_command [arg1 arg2...]\n```\n\n`aswrap` works as below.\n\n1. Find `AWS_PROFILE` section in ~/.aws/credentials and ~/.aws/config .\n2.\n   - (For assume role) Call `aws sts assume-role` to a get temporary credentials.\n   - (For IAM Identity Center) Call `aws sso get-role-credentials` to a get temporary credentials.\n3. Set the credentilas to environment variables.\n   - `AWS_ACCESS_KEY_ID`\n   - `AWS_SECRET_ACCESS_KEY`\n   - `AWS_SESSION_TOKEN`\n   - `AWS_REGION` if available in the section.\n4. Execute `some_command` with args.\n\n### As env exporter\n\nWhen aswrap is executed with no arguments, aswrap outputs shell script to export AWS credentials environment variables.\n\n```console\n$ export AWS_PROFILE=foo\n$ aswrap\nexport AWS_ACCESS_KEY_ID=XXXXXXXXXXXXXXXX\nexport AWS_SECRET_ACCESS_KEY=eW8JjiLZk+mzNmEQJyORdzk....\nexport AWS_SESSION_TOKEN=2b0gN9qucmINvL8D4sgpLbzvJ31Es5/VBy9gYFpxKFWBrODYMBqcq5WksJGp9RW.....\nexport AWS_REGION=ap-northeast-1\n```\n\nYou can set the credentials in current shell by `eval`.\n\n```console\n$ eval \"$(aswrap)\"\n```\n\nTemporary credentials has expiration time (about 1 hour).\n\n## Requirements\n\n- Perl (\u003e= 5.14.0)\n  - required JSON::PP\n- [aws-cli](https://github.com/aws/aws-cli)\n\n## LICENSE\n\nThis library is free software; you can redistribute it and/or modify\nit under the same terms as Perl itself.\n\n## Author\n\nCopyright (c) 2017 FUJIWARA Shunichiro\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffujiwara%2Faswrap","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffujiwara%2Faswrap","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffujiwara%2Faswrap/lists"}