{"id":16304821,"url":"https://github.com/moznion/sesstok","last_synced_at":"2025-03-22T19:35:04.626Z","repository":{"id":35491280,"uuid":"207353042","full_name":"moznion/sesstok","owner":"moznion","description":"A CLI tool to get AWS onetime session token on MFA enabled environment and update it automatically","archived":false,"fork":false,"pushed_at":"2023-02-25T11:52:28.000Z","size":287,"stargazers_count":9,"open_issues_count":3,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-03-18T14:15:30.311Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/moznion.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-09-09T16:22:06.000Z","updated_at":"2024-09-04T02:44:40.000Z","dependencies_parsed_at":"2024-06-20T05:46:37.122Z","dependency_job_id":"17950372-5f3d-4913-b07c-b4ae3b7d8014","html_url":"https://github.com/moznion/sesstok","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/moznion%2Fsesstok","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/moznion%2Fsesstok/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/moznion%2Fsesstok/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/moznion%2Fsesstok/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/moznion","download_url":"https://codeload.github.com/moznion/sesstok/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245013747,"owners_count":20547175,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-10-10T21:04:54.601Z","updated_at":"2025-03-22T19:35:04.271Z","avatar_url":"https://github.com/moznion.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# sesstok\n\nA CLI tool to get AWS onetime session token on MFA enabled environment and update it automatically.\n\nSee also: [https://aws.amazon.com/premiumsupport/knowledge-center/authenticate-mfa-cli/](https://aws.amazon.com/premiumsupport/knowledge-center/authenticate-mfa-cli/)\n\n## Features\n\n- Get STS onetime session token\n- Update AWS credentials file automatically once it has retrieved a session token\n  - It updates following items\n    - `aws_access_key_id`\n    - `aws_secret_access_key`\n    - `aws_session_token`\n- RC file of this tool is encrypted by passphrase for security\n\n## Usage\n\n```\nUsage:\n  sesstok [OPTIONS] [TokenCode]\n\nApplication Options:\n  -r, --rc=          configuration file path of sesstok (default: $HOME/.sesstok.rc)\n  -c, --credentials= file path of AWS credentials (default: $HOME/.aws/credentials)\n  -p, --password     use master password; if you've configured a master password, this option has to be specified'\n  -P=                (NOT RECOMMENDED) pass the master password\n  -d, --duration=    duration of STS session token (unit: second) (default: 86400)\n  -t, --token-only   only retrieve STS session token (i.e. don't update credentials file)\n  -s, --silent       silent mode\n  -v, --version      show the version\n      --dumprc       dump rc file contents\n      --init         initialize a configuration (this option can be used with -r (--rc) options)\n\nHelp Options:\n  -h, --help         Show this help message\n```\n\n![usage](./doc/usage.png)\n\nAfter execute the command, it updates AWS credentials file automatically.\n\n![updated_credentials](./doc/credentials.png)\n\n### Initializing\n\nWhen you run this tool for the first time, it requires the initializing procedure.\n\n![initializing](./doc/init.gif)\n\n- `master password`: password to encrypt a rc file\n- `Access Key ID`: AWS access key ID for assume role\n- `Secret Access Key`: AWS secret access key for assume role\n- `MFA serial`: MFA serial number (i.e. ARN)\n- `Profile Name`: AWS profile name (this tool updates AWS credentials automatically for this specified profile)\n\n### To assume role for another role\n\nPlease configure the AWS credentials information (e.g. `~/.aws/credentials`), like so:\n\n```\n[your-profile-name]\nrole_arn       = arn:aws:iam::${AWS_ACCOUNT_ID}:role/${ROLE_TO_ASSUME_ROLE}\nsource_profile = $PROFILE_NAME_OF_SESSTOK_USING\n```\n\n(please replace `your-profile-name`, `$AWS_ACCOUNT_ID`, `$ROLE_TO_ASSUME_ROLE` and `$PROFILE_NAME_OF_SESSTOK` according to your environment)\n\nThen, after the session token retrieving, it can use the AWS resource as `your-profile-name` role.\n\n## FAQ\n\n### How to switch multiple AWS profiles\n\nPlease switch the rc files.\n\n### How to build\n\n```\nmake build VERSION=x.y.z\n```\n\nPre-built binaries are [here](https://github.com/moznion/sesstok/releases).\n\nLICENSE\n--\n\n```\nThe MIT License (MIT)\nCopyright © 2019 moznion, http://moznion.net/ \u003cmoznion@gmail.com\u003e\n\nPermission is hereby granted, free of charge, to any person obtaining a copy\nof this software and associated documentation files (the “Software”), to deal\nin the Software without restriction, including without limitation the rights\nto use, copy, modify, merge, publish, distribute, sublicense, and/or sell\ncopies of the Software, and to permit persons to whom the Software is\nfurnished to do so, subject to the following conditions:\n\nThe above copyright notice and this permission notice shall be included in\nall copies or substantial portions of the Software.\n\nTHE SOFTWARE IS PROVIDED “AS IS”, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR\nIMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,\nFITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE\nAUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER\nLIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,\nOUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN\nTHE SOFTWARE.\n```\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmoznion%2Fsesstok","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmoznion%2Fsesstok","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmoznion%2Fsesstok/lists"}