{
"info": {
"author": "Aidan Melen",
"author_email": "aidan.l.melen@gmail.com",
"bugtrack_url": null,
"classifiers": [
"Development Status :: 2 - Pre-Alpha",
"Intended Audience :: Developers",
"License :: OSI Approved :: MIT License",
"Natural Language :: English",
"Programming Language :: Python :: 3",
"Programming Language :: Python :: 3.5",
"Programming Language :: Python :: 3.6",
"Programming Language :: Python :: 3.7"
],
"description": "==============\nawscli_bastion\n==============\n\n.. image:: https://img.shields.io/pypi/v/awscli_bastion.svg\n :target: https://pypi.python.org/pypi/awscli_bastion\n\n.. image:: https://img.shields.io/travis/aidanmelen/awscli_bastion.svg\n :target: https://travis-ci.org/aidanmelen/awscli_bastion\n\n.. image:: https://readthedocs.org/projects/awscli-bastion/badge/?version=latest\n :target: https://awscli-bastion.readthedocs.io/en/latest/?badge=latest\n :alt: Documentation Status\n\n\n.. image:: https://pyup.io/repos/github/aidanmelen/awscli_bastion/shield.svg\n :target: https://pyup.io/repos/github/aidanmelen/awscli_bastion/\n :alt: Updates\n\n* Free software: Apache Software License 2.0\n* Documentation: https://awscli-bastion.readthedocs.io.\n\n`awscli-bastion`_ extends the `awscli`_ by managing mfa protected short-lived credentials for an `AWS Bastion`_ account.\n\n.. image:: https://raw.githubusercontent.com/aidanmelen/awscli_bastion/master/docs/awscli-bastion.png\n :target: https://raw.githubusercontent.com/aidanmelen/awscli_bastion/master/docs/awscli-bastion.png\n :align: center\n\n\nInstall\n-------\n\n::\n\n $ pip install awscli-bastion\n\n\nConfigure\n---------\n\n1. Ensure that your `AWS Bastion`_ account is `configured to use multi-factor authentication and iam roles`_.\n2. Ensure the ``awscli`` is configured as follows:\n\n*~/.aws/credentials*::\n\n # these are fake credentials\n [bastion]\n aws_access_key_id = ASIA554SXDVIHKO5ACW2\n aws_secret_access_key = VLJQKLEqs37HCDG4HgSDrxl1vLNrk9Is8gm0VNfA\n\n [bastion-sts]\n mfa_serial = arn:aws:iam::123456789012:mfa/aidan-melen\n credential_process = bastion get-session-token\n source_profile = bastion\n\n [dev-admin]\n role_arn = arn:aws:iam::234567890123:role/admin\n source_profile = bastion-sts\n\n [stage-poweruser]\n role_arn = arn:aws:iam::345678901234:role/poweruser\n source_profile = bastion-sts\n\n [prod-spectator]\n role_arn = arn:aws:iam::456789012345:role/spectator\n source_profile = bastion-sts\n\n*~/.aws/config*::\n\n [default]\n region = us-west-2\n output = json\n\nUsage\n-----\n\nRun ``aws`` commands normally and the `credential_process`_, `role_arn, and source_profile`_ will handle the rest::\n\n $ aws sts get-caller-identity --profile dev-admin\n Enter MFA code for arn:aws:iam::123456789012:mfa/aidan-melen:\n {\n \"UserId\": \"AAAAAAAAAAAAAAAAAAAAA:botocore-session-1234567890\",\n \"Account\": \"123456789012\",\n \"Arn\": \"arn:aws:sts::234567890123:assumed-role/admin/botocore-session-1234567890\"\n }\n\n $ aws sts get-caller-identity --profile stage\n {\n \"UserId\": \"BBBBBBBBBBBBBBBBBBBBB:botocore-session-2345678901\",\n \"Account\": \"345678901234\",\n \"Arn\": \"arn:aws:sts::345678901234:assumed-role/poweruser/botocore-session-2345678901\"\n }\n\n $ aws sts get-caller-identity --profile prod\n {\n \"UserId\": \"CCCCCCCCCCCCCCCCCCCCC:botocore-session-3456789012\",\n \"Account\": \"456789012345\",\n \"Arn\": \"arn:aws:sts::456789012345:assumed-role/spectator/botocore-session-3456789012\"\n }\n\nYou will only be prompted for the mfa code when the cached bastion-sts credentials expire.\n\nSpecial Usage\n-------------\n\nThe ``bastion`` sub-commands support writing credentials to the *~/.aws/credentials* file in addition to the *~/.aws/cli/cache* directory.\nThis is required for tools such as `terraform `_ that do not support the awscli cache.\n\nConfigure the ``aws bastion`` alias sub-command in the *~/.aws/cli/alias* to automate the steps for each profile::\n\n [toplevel]\n\n bastion =\n !f() {\n if [ $# -eq 0 ]\n then\n bastion get-session-token --write-to-aws-shared-credentials-file\n else\n bastion get-session-token --write-to-aws-shared-credentials-file --mfa-code $1\n fi\n bastion assume-role dev-admin\n bastion assume-role stage-poweruser\n bastion assume-role prod-spectator\n echo \"Successfully assumed roles in all AWS accounts!\"\n }; f\n\nWrite sts credentials to the aws shared credentials with our ``aws bastion`` alias command::\n\n $ aws bastion\n Enter MFA code for arn:aws:iam::123456789012:mfa/aidan-melen:\n Setting the 'bastion-sts' profile with sts get session token credentials.\n Setting the 'dev-admin' profile with sts assume role credentials.\n Setting the 'stage-poweruser' profile with sts assume role credentials.\n Setting the 'prod-spectator' profile with sts assume role credentials.\n Successfully assumed roles in all AWS accounts!\n\nNow your bastion-sts and assume role profiles will be populated with sts credentials.\n\nBastion Minimal\n---------------\n\nIf you are like me, you do not trust open-source tools and libraries to handle admin \ncredentials for your aws accounts. `awscli_bastion/minimal.py `_ is written as a script that offers \nminimal bastion functionality. It is intended to be quick and easy to understand. \nA minimal number of python libraries are used to reduce security risks.\n\nConfigure the ``aws bastion-minimal`` alias sub-command in the *~/.aws/cli/alias* to automate the steps for each profile::\n\n [toplevel]\n\n bastion-minimal =\n !f() {\n TOKEN_CODE=$1\n\n bastion-minimal dev-admin $TOKEN_CODE\n bastion-minimal stage-poweruser\n bastion-minimal prod-spectator\n\n if [ $? == 0 ]\n then\n echo \"Successfully assumed roles in all AWS accounts!\"\n else\n echo \"Failed to assumed roles in all AWS accounts :(\"\n fi\n }; f\n\nWrite sts credentials to the *~/.aws/credentials* file with our ``aws bastion-minimal`` alias command::\n\n $ aws bastion-minimal 123456\n Setting the 'bastion-sts' profile with sts get session token credentials.\n Setting the 'dev-admin' profile with sts assume role credentials.\n Setting the 'stage-poweruser' profile with sts assume role credentials.\n Setting the 'prod-spectator' profile with sts assume role credentials.\n Successfully assumed roles in all AWS accounts!\n\nNow your bastion-sts and assume role profiles will be populated with sts credentials.\n\n\nCredits\n-------\n\nThis package was created with Cookiecutter_ and the `audreyr/cookiecutter-pypackage`_ project template.\n\n.. _`awscli-bastion`: https://pypi.org/project/awscli-bastion/\n.. _`AWS Bastion`: https://blog.coinbase.com/you-need-more-than-one-aws-account-aws-bastions-and-assume-role-23946c6dfde3\n.. _`configured to use multi-factor authentication and iam roles`: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-role.html#cli-role-prepare\n.. _`awscli`: https://pypi.org/project/awscli/\n.. _`credential_process`: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sourcing-external.html\n.. _`role_arn, and source_profile`: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-role.html\n.. _`writing sts credentials to the aws shared credential file`: https://aws.amazon.com/premiumsupport/knowledge-center/authenticate-mfa-cli/\n.. _Cookiecutter: https://github.com/audreyr/cookiecutter\n.. _`audreyr/cookiecutter-pypackage`: https://github.com/audreyr/cookiecutter-pypackage\n.. _Making a python package for pypi: http://otuk.kodeten.com/making-a-python-package-for-pypi---easy-steps\n\n=======\nHistory\n=======\n\n0.1.0 (2019-09-13)\n------------------\n\n* First release on PyPI.",
"description_content_type": "",
"docs_url": null,
"download_url": "",
"downloads": {
"last_day": -1,
"last_month": -1,
"last_week": -1
},
"home_page": "https://github.com/aidanmelen/awscli_bastion",
"keywords": "awscli_bastion",
"license": "MIT license",
"maintainer": "",
"maintainer_email": "",
"name": "awscli-bastion",
"package_url": "https://pypi.org/project/awscli-bastion/",
"platform": "",
"project_url": "https://pypi.org/project/awscli-bastion/",
"project_urls": {
"Homepage": "https://github.com/aidanmelen/awscli_bastion"
},
"release_url": "https://pypi.org/project/awscli-bastion/0.8.3/",
"requires_dist": null,
"requires_python": ">=3.5",
"summary": "awscli-bastion extends the awscli by managing mfa protected short-lived credentials for an aws bastion account.",
"version": "0.8.3"
},
"last_serial": 5859209,
"releases": {
"0.1.0": [
{
"comment_text": "",
"digests": {
"md5": "ad29fd387cc1f8406dc9f0759bfb7237",
"sha256": "4b3c43c0529ab2020a6f611cac57ebc2f73e524a43f3a6cd6c7fe6814a408d22"
},
"downloads": -1,
"filename": "awscli_bastion-0.1.0.macosx-10.14-x86_64.tar.gz",
"has_sig": false,
"md5_digest": "ad29fd387cc1f8406dc9f0759bfb7237",
"packagetype": "sdist",
"python_version": "source",
"requires_python": null,
"size": 5909,
"upload_time": "2019-09-10T00:37:46",
"url": "https://files.pythonhosted.org/packages/b4/a8/b4b654b6c857d9a698db91b73c91309285b8a44a210e56983f91979b1ed4/awscli_bastion-0.1.0.macosx-10.14-x86_64.tar.gz"
}
],
"0.2.0": [
{
"comment_text": "",
"digests": {
"md5": "991b6dda4c7fa39e1c989bd502269fa9",
"sha256": "8a9c0c206a26142aa12c7b54e7b346a21598c5ccd839d8f8e06c9d9d6e7c5f01"
},
"downloads": -1,
"filename": "awscli_bastion-0.2.0.macosx-10.14-x86_64.tar.gz",
"has_sig": false,
"md5_digest": "991b6dda4c7fa39e1c989bd502269fa9",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*",
"size": 6559,
"upload_time": "2019-09-14T02:05:11",
"url": "https://files.pythonhosted.org/packages/6e/b3/22303389c8443b2685758f0ed7fee0728d85a1d663adefcafb49de53188b/awscli_bastion-0.2.0.macosx-10.14-x86_64.tar.gz"
}
],
"0.3.0": [
{
"comment_text": "",
"digests": {
"md5": "cff4a0ecb60e7994a1a3da4c37877e7e",
"sha256": "9435936599acbc85aa493a688b323ebf7bb886693f287975f298f7613e8a0edc"
},
"downloads": -1,
"filename": "awscli_bastion-0.3.0.macosx-10.14-x86_64.tar.gz",
"has_sig": false,
"md5_digest": "cff4a0ecb60e7994a1a3da4c37877e7e",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.5",
"size": 10520,
"upload_time": "2019-09-14T23:12:49",
"url": "https://files.pythonhosted.org/packages/e3/3c/fdde48e44257831ec1269c0be7a7894ee590a0b9cfc768b4f4071ba70661/awscli_bastion-0.3.0.macosx-10.14-x86_64.tar.gz"
}
],
"0.4.0": [
{
"comment_text": "",
"digests": {
"md5": "9039350e0dd8f5a751b029d3fb0954bb",
"sha256": "56c04ccec0e33298c2eefea18d172363b03519a75837d5db3c85ad1b4ebdfd32"
},
"downloads": -1,
"filename": "awscli_bastion-0.4.0.macosx-10.14-x86_64.tar.gz",
"has_sig": false,
"md5_digest": "9039350e0dd8f5a751b029d3fb0954bb",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.5",
"size": 10541,
"upload_time": "2019-09-14T23:16:20",
"url": "https://files.pythonhosted.org/packages/5b/7d/8d29123839186e4296c6307ba506e874281116b55e4335f59cc47f9923ff/awscli_bastion-0.4.0.macosx-10.14-x86_64.tar.gz"
}
],
"0.5.0": [
{
"comment_text": "",
"digests": {
"md5": "3c3757b76545c925dde627561f8ece92",
"sha256": "f8473a6a7ecd49d0c12bf1bd7aa6c9a8e37799ffa817eb8ef91617b5d863a65e"
},
"downloads": -1,
"filename": "awscli_bastion-0.5.0.macosx-10.14-x86_64.tar.gz",
"has_sig": false,
"md5_digest": "3c3757b76545c925dde627561f8ece92",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.5",
"size": 13844,
"upload_time": "2019-09-15T23:05:51",
"url": "https://files.pythonhosted.org/packages/4a/da/bcc3b7a60bc51f99a36ecaf61e28e7c0c76f52f00eb16dfabc0ce0dfa602/awscli_bastion-0.5.0.macosx-10.14-x86_64.tar.gz"
}
],
"0.6.0": [
{
"comment_text": "",
"digests": {
"md5": "7f1769fa8c350855c2e6cab6753e8ef3",
"sha256": "0907197c49e9ab129632b417e6d46634f9a8fa6d7cc0e03fbf47891b4e1dd333"
},
"downloads": -1,
"filename": "awscli_bastion-0.6.0.tar.gz",
"has_sig": false,
"md5_digest": "7f1769fa8c350855c2e6cab6753e8ef3",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.5",
"size": 48894,
"upload_time": "2019-09-17T02:56:37",
"url": "https://files.pythonhosted.org/packages/43/7c/4bbbe4e971b83739a56355962e76362ac5a8b2f29d0561fa3d089bcdb748/awscli_bastion-0.6.0.tar.gz"
}
],
"0.7.0": [
{
"comment_text": "",
"digests": {
"md5": "50ead45b0a4e28de669efbf055b7f239",
"sha256": "ad970713146d42df253ecaab818196dc8cfce4ed3f970d3d87b290b80b54cb2d"
},
"downloads": -1,
"filename": "awscli_bastion-0.7.0.tar.gz",
"has_sig": false,
"md5_digest": "50ead45b0a4e28de669efbf055b7f239",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.5",
"size": 48976,
"upload_time": "2019-09-17T04:06:33",
"url": "https://files.pythonhosted.org/packages/6d/7e/9e9053f4e0c79b9878dcc97c28a65d5a7edf88d0513bf2426c6f92ce6e1d/awscli_bastion-0.7.0.tar.gz"
}
],
"0.7.1": [
{
"comment_text": "",
"digests": {
"md5": "ce23db8df9d061958992e37cb25c5e42",
"sha256": "ac15a14e88843ff94df5ba3bd5e2e586e11b7599517c43d79db61f11ef3eb660"
},
"downloads": -1,
"filename": "awscli_bastion-0.7.1.tar.gz",
"has_sig": false,
"md5_digest": "ce23db8df9d061958992e37cb25c5e42",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.5",
"size": 48957,
"upload_time": "2019-09-17T04:10:24",
"url": "https://files.pythonhosted.org/packages/e5/d4/c5c6a349e5f5249441e8e3322d7016557d7f00e47bcb0d19e1140da9e4a0/awscli_bastion-0.7.1.tar.gz"
}
],
"0.7.3": [
{
"comment_text": "",
"digests": {
"md5": "17944cc3ce9e7ea1000f8f18b662eb29",
"sha256": "c8dd8155bc4d25e15da76f599064582c43b57b91dea334ac9ce1340e8dbb7b62"
},
"downloads": -1,
"filename": "awscli_bastion-0.7.3.tar.gz",
"has_sig": false,
"md5_digest": "17944cc3ce9e7ea1000f8f18b662eb29",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.5",
"size": 48975,
"upload_time": "2019-09-17T04:51:20",
"url": "https://files.pythonhosted.org/packages/56/46/aa88c466ab69236e79f03f3f2e84183077c7d894be11ed2bfa1a0efde5de/awscli_bastion-0.7.3.tar.gz"
}
],
"0.8.0": [
{
"comment_text": "",
"digests": {
"md5": "0f71319ca1060b6e759633f8241d13e7",
"sha256": "0eaf039f29240300a4184fc7a46399fa97008ce757aa6b82a78e999938d2ab69"
},
"downloads": -1,
"filename": "awscli_bastion-0.8.0.tar.gz",
"has_sig": false,
"md5_digest": "0f71319ca1060b6e759633f8241d13e7",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.5",
"size": 49583,
"upload_time": "2019-09-19T00:59:54",
"url": "https://files.pythonhosted.org/packages/64/99/f6340ca5d32b140fb7c126974afbad605e021cc310b4e5a9089878559884/awscli_bastion-0.8.0.tar.gz"
}
],
"0.8.1": [
{
"comment_text": "",
"digests": {
"md5": "0239b67b00b5843cde23f845c640291f",
"sha256": "754ba34d03b6c205ea45f2b142b3fdcbe6854c543bb7bf8b698f541e4a7c76b4"
},
"downloads": -1,
"filename": "awscli_bastion-0.8.1.tar.gz",
"has_sig": false,
"md5_digest": "0239b67b00b5843cde23f845c640291f",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.5",
"size": 53804,
"upload_time": "2019-09-19T01:17:25",
"url": "https://files.pythonhosted.org/packages/ea/08/9ad7d0cf5a98a7f494acd56bda20016c4a311a36e4c5c1496f84bbd67d5c/awscli_bastion-0.8.1.tar.gz"
}
],
"0.8.2": [
{
"comment_text": "",
"digests": {
"md5": "8e6651347692daf5ac48a4dd03728ea5",
"sha256": "e8a868e1170ad016aaa8c8d42f1b933b034b997286c4b257eddbd43ac4a51f0c"
},
"downloads": -1,
"filename": "awscli_bastion-0.8.2.tar.gz",
"has_sig": false,
"md5_digest": "8e6651347692daf5ac48a4dd03728ea5",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.5",
"size": 53916,
"upload_time": "2019-09-19T15:36:42",
"url": "https://files.pythonhosted.org/packages/45/df/7ec9900aa04b1122c0c3424e89f10cbc1b71dda849102808ab4097061fea/awscli_bastion-0.8.2.tar.gz"
}
],
"0.8.3": [
{
"comment_text": "",
"digests": {
"md5": "ad4c55a2f3d4d34eed240298209bb81d",
"sha256": "05711793c74c5ba03ebd740ff29e43f4c8eb0ca571505ab39bb401ec5539f08e"
},
"downloads": -1,
"filename": "awscli_bastion-0.8.3.tar.gz",
"has_sig": false,
"md5_digest": "ad4c55a2f3d4d34eed240298209bb81d",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.5",
"size": 53604,
"upload_time": "2019-09-19T23:22:19",
"url": "https://files.pythonhosted.org/packages/9b/3d/a4aa0ca97571520382b257bd5214216e06f326c9390d981e350ff2e48e64/awscli_bastion-0.8.3.tar.gz"
}
]
},
"urls": [
{
"comment_text": "",
"digests": {
"md5": "ad4c55a2f3d4d34eed240298209bb81d",
"sha256": "05711793c74c5ba03ebd740ff29e43f4c8eb0ca571505ab39bb401ec5539f08e"
},
"downloads": -1,
"filename": "awscli_bastion-0.8.3.tar.gz",
"has_sig": false,
"md5_digest": "ad4c55a2f3d4d34eed240298209bb81d",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.5",
"size": 53604,
"upload_time": "2019-09-19T23:22:19",
"url": "https://files.pythonhosted.org/packages/9b/3d/a4aa0ca97571520382b257bd5214216e06f326c9390d981e350ff2e48e64/awscli_bastion-0.8.3.tar.gz"
}
]
}