geskunkworks / gossamer Goto Github PK
View Code? Open in Web Editor NEWgenerate AWS creds for many accounts with a single MFA token
License: MIT License
gossamer's People
Contributors
Stargazers
Watchers
gossamer's Issues
Feature Request: Chocolatey package
Would it be possible to provide a chocolatey package for installation on Windows?
session_duration_seconds does not seem to have any effect
Very minor issue, but It seems the session_duration_seconds value specified in config has no effect.
primary_assumptions:
all_roles: false
mappings:
- role_arn: arn:aws:iam::123123123121:role/admin
profile_name: admin
session_duration_seconds: 7200at least for primary_assumptions.mappings I tried to set it to 2 hours, but it was still assumed for 12 hours. Granted this is a SAML federated role, so possibly the 12 hours are coming from there.
Full config is as follows:
output_file: "~/.aws/credentials"
flows:
- name: mfa-saml-prd
type: saml
region: us-east-1
do_not_propagate_region: false
allow_failure: false
saml_config:
#allow_mapping_duration_override: true
username:
source: "env"
value: "USERNAME"
password:
source: "env"
value: "TOKEN"
url:
source: "config"
value: "<MY_SSO_PROVIDER_URL>"
target:
source: "config"
value: "<MY_LOGIN_URL>"
primary_assumptions:
all_roles: false
mappings:
- role_arn: arn:aws:iam::123123123121:role/admin
profile_name: admin
session_duration_seconds: 7200
secondary_assumptions:
all_roles: false
mappings:
- role_arn: arn:aws:iam::123123123125:role/admin
profile_name: account1
Error: "panic: invalid character '\n' in string literal" and mention of "/home/travis/" in panic message
/usr/local/bin/gossamer -a arn:aws:iam::0123456789012:role/myrolename -rolesfile /home/ec2-user/gossamer/roles-all.json
t=2019-12-05T16:18:00+0000 lvl=info msg="gossamer: assume-role via instance role" version=1.2.15.63
panic: EOF
goroutine 1 [running]:
main.main()
/home/travis/gopath/src/github.com/GESkunkworks/gossamer/main.go:58 +0x2b01The /home/travis/ part is odd.
Any chance I could get some help here?
Support tilde in credfile path
In the config file it doesn't understand tilde in path
-o does not work
Latest gossamer 2.0.2.90 does not honor the -o param. Always saves creds in ./gossamer_creds
Running something like
gossamer -profile $PRIMARY_PROFILE -entryname $SEC_PROFILE -region $SEC_REGION -a $SEC_ROLE_ARN -o $HOME/.aws/credentialsresults in credentials still being saved in ./gossamer_creds
minor bugs
Better error handling for bad access keys
handle missing token section in config
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.