Fork me on GitHub

wamonomicon

envassume

Assume an AWS IAM role from AWS API credentials in environment variables.

I like to use envdir when selecting AWS API keys for CLI usage. Assuming IAM roles is awkward on the CLI as you have to get the temporary role credentials via aws sts assume-role and manually extract them to an envdir or environment variables prior to running anything. I wrote envassume to give an envdir-like experience when assuming roles. It uses the current credentials to perform the STS request then extracts and replaces the environment variables with the temporary credentials for the child command e.g.

envassume arn:aws:iam::123456789012:role/example aws s3 ls

with an external ID e.g.

envassume -i external_id arn:aws:iam::123456789012:role/example aws s3 ls

The ARN and external ID can be set in the environment variables AWS_ASSUME_ROLE and AWS_ASSUME_ID e.g.

AWS_ASSUME_ROLE=arn:aws:iam::123456789012:role/example AWS_ASSUME_ID=external_id envassume aws s3 ls

Please note, if the ARN is set by environment variable, then no other envassume options can be set.

envassume is available on pypi and github.

Posted Sun 14 May '17 in AWS

3D Printer 2017 Plans

I got quite into 3D printing in 2016 after fixing up a borrowed Bits From Bytes printer, then going on to build my own Prusa i3 from scratch.

printer

It's been an enjoyable project that has taken a few upgrades to improve print quality:-

  • A properly copper etched heated bed as …

Read more

Posted Mon 02 Jan '17 in 3D Printing

Keepuppy

KeePass database SFTP sync

Keepuppy is a Python script/package I hacked together to keep database files in sync across multiple clients via an SFTP server. It can also be configured to call a script when the local file is updated. A script for restarting KeePassX on OS X is …

Read more

Posted Thu 06 Nov '14 in Dev (Python, Keepuppy)