Skip to content

Bowbaq/profilecreds

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 

Repository files navigation

profilecreds

This provides a credentials provider for https://github.com/aws/aws-sdk-go that reads from ~/.aws/config. This is in particular intended to help with assuming a role with MFA on.

Example usage

# ~/.aws/credentials

[dev]
aws_access_key_id = <access key>
aws_secret_access_key = <secret key>

# ~/.aws/config

[profile prod]
role_arn = arn:aws:iam::<prod account id>:role/<cross account role>
source_profile = dev
mfa_serial = arn:aws:iam::<dev account id>:mfa/<device serial>

package main

import (
  "fmt"
  "log"
  "time"

  "github.com/Bowbaq/profilecreds"
  "github.com/aws/aws-sdk-go/aws/session"
  "github.com/aws/aws-sdk-go/service/elasticbeanstalk"
)

func main() {
  sess := session.New()

  // Generate credentials that last 1 hour
  profilecreds.DefaultDuration = 1 * time.Hour

  // Use the "prod" profile, cache credentials between run in a temporary location
  creds := profilecreds.NewCredentials("prod", func(p *profilecreds.AssumeRoleProfileProvider) {
    p.Cache = profilecreds.NewFileCache("")
  })

  eb := elasticbeanstalk.New(sess, sess.Config.WithCredentials(creds).WithRegion("us-west-2"))

  res, err := eb.DescribeApplications(nil)
  check(err)

  for _, app := range res.Applications {
    fmt.Println(*app.ApplicationName)
  }
}

func check(err error) {
  if err != nil {
    log.Fatalln(err)
  }
}

About

This provides a credentials provider for https://github.com/aws/aws-sdk-go that reads from ~/.aws/config

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages