{ "info": { "author": "Doug Kerwin", "author_email": "dwkerwin@gmail.com", "bugtrack_url": null, "classifiers": [ "Intended Audience :: Developers", "License :: OSI Approved :: MIT License", "Natural Language :: English", "Programming Language :: Python", "Programming Language :: Python :: 2", "Programming Language :: Python :: 2.7", "Programming Language :: Python :: 3", "Programming Language :: Python :: 3.6", "Programming Language :: Python :: 3.7" ], "description": "IAM-Starter\n===========\n\nA CLI which starts your program with AWS IAM credentials in the\nenvironment by assuming a role or a profile\n\nInstallation\n------------\n\n.. code:: shell\n\n $ pip install iam-starter\n\nUsage\n-----\n\nA few examples:\n\n.. code:: shell\n\n # start a program given an IAM Role (assumes default creds can assume role)\n $ iam-starter --role myrole --command ./my-program.sh\n\n # start a program with a profile\n $ iam-starter --profile myprofile --command ./my-program.sh\n\n # start a program with an IAM Role using a profile to assume that role\n $ iam-starter --role myrole --profile dev --command ./my-program.sh\n\n # get export commands to paste into shell to assume the role manually\n $ iam-starter --role myrole\n export AWS_ACCESS_KEY_ID=\"ASIAI....UOCA\"\n export AWS_SECRET_ACCESS_KEY=\"DWYnQ....h93k\"\n export AWS_SESSION_TOKEN=\"KMWSz...8wX==\"\n\n # note that these two are equivalent:\n $ iam-starter --profile myprofile --command aws s3 ls\n $ aws s3 ls --profile myprofile\n\n # you can use iamx as shorthand for iam-starter (less typing)\n $ iamx --role myrole --command aws s3 ls\n\nMotivation\n----------\n\nThe desire was to be able to easily run programs that need AWS\ncredentials locally the same way you can run them in AWS, and to do so\nwithout requiring code changes or complex logic to support multiple\nmethods of obtaining AWS credentials. On EC2 you simply attach an IAM\nrole to the instance and then anything you do on that instance is\nautomatically in the context of that IAM role. Locally it isn\u2019t quite as\neasy to run things in the context of a role, you have to setup an AWS\nprofile (already something you don\u2019t do inside AWS) to assume your role,\nthen your program has to support using the named profile when\nauthenticating to AWS, which isn\u2019t always an option (not all tools\ncorrectly/fully support using AWS profiles).\n\nIf you care to execute your app with the context of a role rather than\nrunning everything with your full admin developer credentials and\nwaiting to find out in production that you have an IAM permissions\nissue, you are probably using named profiles\n(``aws configure --profile profilename``). However when running your app\nlocally in order for your AWS API calls to use that profile it requires\na code change to specify the profile name to the AWS SDK. That sounds\nokay at first until you realize that those profiles will not exist when\ndeployed into AWS, so code that \u201cworks on your machine\u201d doesn\u2019t work in\nproduction.\n\nIf you haven\u2019t already given up on trying to be a good citizen and\nrun/test your app locally with the limited IAM policy you defined for\nit, this causes you to have to do unfortunate stuff like this all over\nyour code:\n\n.. code:: python\n\n # how annoying that I have to pass an optional profile name here\n def do_something_with_aws(profile=None)\n if profile:\n # this is what will happen on my laptop\n session = boto3.Session(profile_name=profile)\n client = session.client('s3')\n else:\n # this is what will happen when running on EC2\n client = boto3.client('s3')\n\n(a python example but this is true of the AWS SDK for any language or\nthe AWS CLI)\n\nIAM-Starter makes it easy for you to run locally and in AWS using roles\nor named profiles, via the same credential method \u2013 environment\nvariables, which are the most universally supported credential method.\n\n.. code:: python\n\n def do_something_with_aws()\n # yay, simple and the same everywhere!\n client = boto3.client('s3')\n\nUse with Docker\n---------------\n\nThis is primarily intended to be used outside Docker. To run a Docker\ncontainer with an assumed IAM Role, you are probably better off using\n`IAM-Docker-Run `__.\n\nUse with SSM-Starter\n--------------------\n\nThis can be chained with\n`SSM-Starter `__. The\nfollowing example starts a program with the given IAM role and loads the\nSSM parameters for the given path into the environment, then runs your\nprogram which now has the benefit of the IAM role and the configuration\nloaded into the environment.\n\n.. code:: shell\n\n $ export AWS_REGION=us-east-1 # needed for ssm-starter\n $ iam-starter --role myrole --profile dev --command ssm-starter --ssm-name /myssmprefix/ --command ./my-program.sh\n\nLimitations\n-----------\n\n**This is a development workflow tool, not designed to run production\napplications.**\n\nTemporary credentials expire within 1 hour and do not auto renew. This\ntool was designed to be used with development, adhoc, or witih build/CI\nenvironments where execution time is short.\n\nPublishing Updates to PyPi\n--------------------------\n\nFor the maintainer - to publish an updated version of ssm-search,\nincrement the version number in version.py and run the following:\n\n.. code:: shell\n\n docker build -f ./Dockerfile.buildenv -t iam-starter:build .\n docker run --rm -it --entrypoint make iam-starter:build publish\n\nAt the prompts, enter the username and password to the pypi.org repo.\n\nTesting\n-------\n\nTest execution in a container by inserting your local AWS credentials\ninto the container.\n\n.. code:: shell\n\n docker build -f ./Dockerfile.buildenv -t iam-starter:build .\n docker run -it -v $(cd ~/.aws; pwd):/root/.aws iam-starter:build\n # then, inside the container\n pip install awscli\n # assumes a local profile named \"dev\" which has access to list S3 buckets\n iam-starter --profile dev --command aws s3 ls", "description_content_type": "", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/billtrust/iam-starter", "keywords": "aws-iam,aws-iam-role", "license": "MIT", "maintainer": "", "maintainer_email": "", "name": "iam-starter", "package_url": "https://pypi.org/project/iam-starter/", "platform": "", "project_url": "https://pypi.org/project/iam-starter/", "project_urls": { "Homepage": "https://github.com/billtrust/iam-starter" }, "release_url": "https://pypi.org/project/iam-starter/0.2.3/", "requires_dist": null, "requires_python": "", "summary": "A CLI which starts your program in the context of an assumed AWS IAM Role", "version": "0.2.3" }, "last_serial": 5991897, "releases": { "0.1.1": [ { "comment_text": "", "digests": { "md5": "7e8b586a93df2a985e016f8b77312536", "sha256": "ac61d17314892557631f9ec22873219e3bf74721d9bede54b7ff516a44cc7c48" }, "downloads": -1, "filename": "iam-starter-0.1.1.tar.gz", "has_sig": false, "md5_digest": "7e8b586a93df2a985e016f8b77312536", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 5012, "upload_time": "2018-10-15T02:19:13", "url": "https://files.pythonhosted.org/packages/bf/51/8f98558e7e0812b0121c44b8141c551f769eebd0c7437bcaad2b581517f7/iam-starter-0.1.1.tar.gz" } ], "0.1.2": [ { "comment_text": "", "digests": { "md5": "c58628b6a8915616fdb860433227c141", "sha256": "18cc962f5a7a407b621eee378084579c68522c22d63a27ff14771dd7e9563db2" }, "downloads": -1, "filename": "iam-starter-0.1.2.tar.gz", "has_sig": false, "md5_digest": "c58628b6a8915616fdb860433227c141", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 5356, "upload_time": "2018-10-16T17:41:30", "url": "https://files.pythonhosted.org/packages/75/0d/0c1d3ab3e365cea8c2ecf3eac04083b8804f08684e56273ed25541475ed6/iam-starter-0.1.2.tar.gz" } ], "0.2.0": [ { "comment_text": "", "digests": { "md5": "26868552bced200a70b174b3007c154a", "sha256": "42b9cadedb5dc6ad9d4a3fa8149c75abcfbed3e7fbe25e6d511c85664871c113" }, "downloads": -1, "filename": "iam-starter-0.2.0.tar.gz", "has_sig": false, "md5_digest": "26868552bced200a70b174b3007c154a", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 7359, "upload_time": "2018-11-23T20:29:03", "url": "https://files.pythonhosted.org/packages/b3/88/6c36568ba8d7ea1a439aa058b31a6846a5510b7fe42b8143dd94387bec96/iam-starter-0.2.0.tar.gz" } ], "0.2.1": [ { "comment_text": "", "digests": { "md5": "238c65c1f32422eccdeb30cf02c1bfa4", "sha256": "127ae528ebac1e0ab800105b1e76781f3301cdcfee2015e4eb02e672fca7fb02" }, "downloads": -1, "filename": "iam-starter-0.2.1.tar.gz", "has_sig": false, "md5_digest": "238c65c1f32422eccdeb30cf02c1bfa4", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 7432, "upload_time": "2018-11-23T20:38:51", "url": "https://files.pythonhosted.org/packages/5d/69/fdecbdbced4a33f88a25535d9e67a010bc1ab536e2c2b2c7e4cdcd3afa99/iam-starter-0.2.1.tar.gz" } ], "0.2.2": [ { "comment_text": "", "digests": { "md5": "95f1bd295b2efd3ab42965933d8225ab", "sha256": "81ff1cb09333781a6a7d054c3ed86ba6725b04cb97158c9d6e5058701e7b44d4" }, "downloads": -1, "filename": "iam-starter-0.2.2.tar.gz", "has_sig": false, "md5_digest": "95f1bd295b2efd3ab42965933d8225ab", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 8336, "upload_time": "2018-12-13T01:06:32", "url": "https://files.pythonhosted.org/packages/61/fb/162695d68c24323c8982fbe483ac2df6b8a4affe68cf5cac7096c20725be/iam-starter-0.2.2.tar.gz" } ], "0.2.3": [ { "comment_text": "", "digests": { "md5": "a99c97bfa15f9f2d80124302e4688b6c", "sha256": "fe929aa72aa470cc572e1836d6ba46a64dfcce7c243410c5c6d00d25f7614766" }, "downloads": -1, "filename": "iam-starter-0.2.3.tar.gz", "has_sig": false, "md5_digest": "a99c97bfa15f9f2d80124302e4688b6c", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 8454, "upload_time": "2019-10-17T19:16:14", "url": "https://files.pythonhosted.org/packages/a2/b4/7305bd676561db575606ee1305dd385ac2f6f198685e0eaca0d4e1822fc7/iam-starter-0.2.3.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "a99c97bfa15f9f2d80124302e4688b6c", "sha256": "fe929aa72aa470cc572e1836d6ba46a64dfcce7c243410c5c6d00d25f7614766" }, "downloads": -1, "filename": "iam-starter-0.2.3.tar.gz", "has_sig": false, "md5_digest": "a99c97bfa15f9f2d80124302e4688b6c", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 8454, "upload_time": "2019-10-17T19:16:14", "url": "https://files.pythonhosted.org/packages/a2/b4/7305bd676561db575606ee1305dd385ac2f6f198685e0eaca0d4e1822fc7/iam-starter-0.2.3.tar.gz" } ] }