Skip to content

Latest commit

 

History

History
98 lines (73 loc) · 2.33 KB

README.md

File metadata and controls

98 lines (73 loc) · 2.33 KB

aws-vault-exec-wrapper

This is a simple wrapper around aws-vault and similar tools, which allows defining simple aliases to run specific commands with AWS credentials.

Examples

# Before:
aws-vault exec production -- aws s3 ls

# After:
vaws production s3 ls

Installation

This script can be installed on macOS with Homebrew:

brew tap bradfeehan/formulae
brew install aws-vault-exec-wrapper

It's also just a simple shell script, so you can download the latest release, put it somewhere on your $PATH and make it executable with chmod +x aws-vault-exec-wrapper or similar.

Usage

aws-vault-exec-wrapper <VAULT_PROGRAM> <COMMAND> <PROFILE> [ARGUMENTS]

For example:

aws-vault-exec-wrapper aws-vault aws production s3 ls
=> aws-vault exec production -- aws s3 ls

This isn't really any shorter, but the power comes from defining aliases in your .bashrc or .profile:

alias vaws='aws-vault-exec-wrapper aws-vault aws'
alias avtf='aws-vault-exec-wrapper aws-vault terraform'

Then, you can run the alias, followed by the AWS profile name to use, with any command-line arguments trailing that. For example:

$ vaws production s3 ls
=> aws-vault exec production -- aws s3 ls
# ...

$ avtf production-admin apply
=> aws-vault exec production-admin -- terraform apply
Refreshing Terraform state in-memory prior to plan...
# ...

You can avoid typing the profile name by setting a default using the AWS_PROFILE environment variable:

# YOLO
$ export AWS_PROFILE=production
$ vaws s3 ls
=> aws-vault exec production -- aws s3 ls

If this environment variable is set, it won't look for a profile name on the command line. Set it in a particular shell window to set the profile for that window, or in your ~/.bashrc or ~/.profile to take effect everywhere.

Compatibility

Tested with: