mirror of
https://github.com/scratchfoundation/aws-sts-helper.git
synced 2024-11-27 17:45:38 -05:00
Merge pull request #1 from colbygk/master
Bring up to date with what is published as 1.0.2
This commit is contained in:
commit
e9fc85b128
3 changed files with 24 additions and 14 deletions
18
README.md
18
README.md
|
@ -22,9 +22,9 @@ Available variables and their usage:
|
|||
| AWS_STS_ACCESS_SECRET | | Equivalent to `AWS_SECRET_ACCESS_KEY`. Used to generate credentials suitable to assume a specific role and the policies associated with it. |
|
||||
| AWS_ROLE_ARN | | The Role to assume in ARN format|
|
||||
| AWS_ROLE_SESSION_NAME | `temporary` | A name that will be assigned to the temporary credentials |
|
||||
| AWS_STS_FILE_NAME | `./.aws-sts.json` | Used to store credentials in JSON format, fully qualified path to credential file, JSON |
|
||||
| AWS_ROLE_DURATION_SECONDS | 43200 | Number of seconds the temporary access key lasts|
|
||||
| AWS_STS_FILE_MODE | 0o600 | Permissions setting on JSON file that caches credentials, (600 is user read-write only) |
|
||||
| AWS_STS_FILE_NAME | `./.aws-sts.json` | Used to store credentials in JSON format, fully qualified path to credential file|
|
||||
| AWS_ROLE_DURATION_SECONDS | `43200` | Number of seconds the temporary access key lasts|
|
||||
| AWS_STS_FILE_MODE | `0o600` | Permissions setting on JSON file that caches credentials, (600 is user read-write only) |
|
||||
|
||||
These values can be passed either in the environment or in a configuration object, with environment variables overriding any passed in configuration.
|
||||
|
||||
|
@ -47,17 +47,17 @@ sts.getTemporaryCredentials({
|
|||
secret: 'secret key paired to access key'
|
||||
}
|
||||
}
|
||||
}, (err, awsRaw) => {
|
||||
}, (err, temp) => {
|
||||
if (err) {
|
||||
console.log('err:',err);
|
||||
process.exit(-1);
|
||||
}
|
||||
var aws = JSON.parse(awsRaw);
|
||||
|
||||
console.log('aws:',aws);
|
||||
var sh = `AWS_ACCESS_KEY_ID=${aws.Credentials.AccessKeyId}\n` +
|
||||
`AWS_SECRET_ACCESS_KEY=${aws.Credentials.SecretAccessKey}\n` +
|
||||
`AWS_SESSION_TOKEN=${aws.Credentials.SessionToken}\n`;
|
||||
console.log('temp:',temp);
|
||||
var sh =
|
||||
`export AWS_ACCESS_KEY_ID=${temp.Credentials.AccessKeyId}\n` +
|
||||
`export AWS_SECRET_ACCESS_KEY=${temp.Credentials.SecretAccessKey}\n` +
|
||||
`export AWS_SESSION_TOKEN=${temp.Credentials.SessionToken}\n`;
|
||||
fs.writeFileSync("aws-temp-credentials.sh", sh, {encoding:'utf-8'});
|
||||
});
|
||||
```
|
||||
|
|
6
index.js
6
index.js
|
@ -20,7 +20,7 @@ const getTemporaryCredentials = (config, callback) => {
|
|||
},
|
||||
role: {
|
||||
arn: process.env.AWS_ROLE_ARN || '',
|
||||
sessionName: process.env.AWS_ROLE_SESSION_NAME || 'temporary'
|
||||
sessionName: process.env.AWS_ROLE_SESSION_NAME || 'temporary',
|
||||
durationSeconds: process.env.AWS_ROLE_DURATION_SECONDS || 43200
|
||||
},
|
||||
key: {
|
||||
|
@ -51,12 +51,12 @@ const getTemporaryCredentials = (config, callback) => {
|
|||
},
|
||||
err => {
|
||||
if (err) return callback(err, null);
|
||||
return callback(null, newCredentials);
|
||||
return callback(null, JSON.parse(newCredentials));
|
||||
}
|
||||
);
|
||||
});
|
||||
} else {
|
||||
return callback(null, old);
|
||||
return callback(null, JSON.parse(old));
|
||||
}
|
||||
});
|
||||
};
|
||||
|
|
14
package.json
14
package.json
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"name": "aws-sts-helper",
|
||||
"version": "1.0.0",
|
||||
"version": "1.0.2",
|
||||
"description": "Facilitates gathering temporary security tokens from the AWS STS (Security Token Service) and then using that token information for interacting with AWS APIs",
|
||||
"repository": {
|
||||
"type": "git",
|
||||
|
@ -19,5 +19,15 @@
|
|||
},
|
||||
"dependencies": {
|
||||
"aws-sdk": "~2.166.0"
|
||||
}
|
||||
},
|
||||
"keywords": [
|
||||
"aws",
|
||||
"sts",
|
||||
"aws-sdk",
|
||||
"aws-sts",
|
||||
"roles",
|
||||
"policy",
|
||||
"token",
|
||||
"security"
|
||||
]
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue