Merge pull request #1 from colbygk/master

Bring up to date with what is published as 1.0.2
This commit is contained in:
Colby Gutierrez-Kraybill 2018-08-16 09:00:41 -04:00 committed by GitHub
commit e9fc85b128
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 24 additions and 14 deletions

View file

@ -22,9 +22,9 @@ Available variables and their usage:
| AWS_STS_ACCESS_SECRET | | Equivalent to `AWS_SECRET_ACCESS_KEY`. Used to generate credentials suitable to assume a specific role and the policies associated with it. |
| AWS_ROLE_ARN | | The Role to assume in ARN format|
| AWS_ROLE_SESSION_NAME | `temporary` | A name that will be assigned to the temporary credentials |
| AWS_STS_FILE_NAME | `./.aws-sts.json` | Used to store credentials in JSON format, fully qualified path to credential file, JSON |
| AWS_ROLE_DURATION_SECONDS | 43200 | Number of seconds the temporary access key lasts|
| AWS_STS_FILE_MODE | 0o600 | Permissions setting on JSON file that caches credentials, (600 is user read-write only) |
| AWS_STS_FILE_NAME | `./.aws-sts.json` | Used to store credentials in JSON format, fully qualified path to credential file|
| AWS_ROLE_DURATION_SECONDS | `43200` | Number of seconds the temporary access key lasts|
| AWS_STS_FILE_MODE | `0o600` | Permissions setting on JSON file that caches credentials, (600 is user read-write only) |
These values can be passed either in the environment or in a configuration object, with environment variables overriding any passed in configuration.
@ -47,17 +47,17 @@ sts.getTemporaryCredentials({
secret: 'secret key paired to access key'
}
}
}, (err, awsRaw) => {
}, (err, temp) => {
if (err) {
console.log('err:',err);
process.exit(-1);
}
var aws = JSON.parse(awsRaw);
console.log('aws:',aws);
var sh = `AWS_ACCESS_KEY_ID=${aws.Credentials.AccessKeyId}\n` +
`AWS_SECRET_ACCESS_KEY=${aws.Credentials.SecretAccessKey}\n` +
`AWS_SESSION_TOKEN=${aws.Credentials.SessionToken}\n`;
console.log('temp:',temp);
var sh =
`export AWS_ACCESS_KEY_ID=${temp.Credentials.AccessKeyId}\n` +
`export AWS_SECRET_ACCESS_KEY=${temp.Credentials.SecretAccessKey}\n` +
`export AWS_SESSION_TOKEN=${temp.Credentials.SessionToken}\n`;
fs.writeFileSync("aws-temp-credentials.sh", sh, {encoding:'utf-8'});
});
```

View file

@ -20,7 +20,7 @@ const getTemporaryCredentials = (config, callback) => {
},
role: {
arn: process.env.AWS_ROLE_ARN || '',
sessionName: process.env.AWS_ROLE_SESSION_NAME || 'temporary'
sessionName: process.env.AWS_ROLE_SESSION_NAME || 'temporary',
durationSeconds: process.env.AWS_ROLE_DURATION_SECONDS || 43200
},
key: {
@ -51,12 +51,12 @@ const getTemporaryCredentials = (config, callback) => {
},
err => {
if (err) return callback(err, null);
return callback(null, newCredentials);
return callback(null, JSON.parse(newCredentials));
}
);
});
} else {
return callback(null, old);
return callback(null, JSON.parse(old));
}
});
};

View file

@ -1,6 +1,6 @@
{
"name": "aws-sts-helper",
"version": "1.0.0",
"version": "1.0.2",
"description": "Facilitates gathering temporary security tokens from the AWS STS (Security Token Service) and then using that token information for interacting with AWS APIs",
"repository": {
"type": "git",
@ -19,5 +19,15 @@
},
"dependencies": {
"aws-sdk": "~2.166.0"
}
},
"keywords": [
"aws",
"sts",
"aws-sdk",
"aws-sts",
"roles",
"policy",
"token",
"security"
]
}