Contributions are very welcome, so thank you for considering on contributing!
- General Discussions should take place in project's Github discussions.
- Found a bug? File a new bug report issue.
- Have a feature request? First condiser the goals of this project if the suggested feature applies to the scope of this tool. Then create a new feature request issue.
The goal of this project is to provide unified & pleasant user/developer experience for assuming AWS IAM Roles with MFA (via Yubikey or Authenticator App) using AWS credential_process to support as many AWS tools (such as SDKs, CLI, CDK, Terraform, etc) as reasonably possible without the user/developer having to use any wrapper scripts around AWS tools.
In some ways, I hope this tool will become obsolete and AWS themselves would unify the role assumption, temporary session credential caching & MFA experience (with added support for Yubikeys) across AWS SDKs, CLI and CDK, but I don't think it's going to happen.
The CLI itself tries to follow guidelines for “12 Factor CLI Apps” as much as reasonably possible.
By design, this tool does not support:
-
AWS SSO
→ See
benkehoe/aws-sso-utilfor that -
Encrypting of master/source (long-term user) credentials in
~/.aws/credentials→ You may implement this quite easily with few lines of bash &
credential_process -
SAML or OpenID Connect federated authentication
-
You must have Go
v1.17+installed. -
Fork this repository and clone it
-
Install dependencies:
go get -
Create a new branch, e.g.
git checkout -b feature/new-cool-thing -
Write code
-
Add/modify tests for the new code
-
Run tests:
go test ./.. -
Document the new feature
-
Push your changes
-
Create a pull request