v1.6.0

DO NOT USE

This release introduced a critical flaw that treated all argument flags (e.g. -q or --exclude) as intended for awsudo and withheld them the underlying command.

Please use v1.7.1 and thank you to @ jaytmiller and @meyertime for raising this issue.

v1.5.0

1.5.0

v1.4.4

1.4.4

v1.4.3

1.4.3

v1.4.2

1.4.2

v1.4.1

1.4.1

Option for External ID

A new set of options are now available to specify an external ID which is generally required for third party access to a role.

awsudo [-e|--external-id]

  -e, --external-id    The external id string used to authenticate role
                       assumption                      [string] [default: false]

Please see README for full set of command line options.

Hide sensitve data in output

To prevent accidentally leaking sensitive information

• only output stack traces when verbose option is specified
  • Thank you to @juneeighteen for his contribution!
• mask out AWS secrets in any stack trace shown

This addresses defect #34

Correct for clock skew

This release makes MFA authentication more likely to succeed by requesting AWS take into account the client's clock when validating.

Add option for MFA token

A new set of options are now available to specify the ARN of the user MFA token and its current value.
The argument to set the ARN is either -m or --mfa-token-arn and to specify the value is either -t or --mfa-token.

Please see README for full set of command line options.