Credulous
credulous is a command line tool that manages AWS (IAM) Credentials securely. The aim is to encrypt the credentials using a user's public SSH Key so that only the user who has the corresponding private SSH key is able to see and use them. Furthermore the tool will also enable the user to easily rotate their current credentials without breaking the user's current workflow.
Main Features
- Your IAM Credentials are securely encrypted on disk.
- Easy switching of Credentials between Accounts/Users.
- Painless Credential rotation.
- Enables rotation of Credentials by external application/service.
- No external runtime dependencies beyond minimal platform-specific shared libraries
Installation
Download your platform specific app
Using brew
If you are using brew you can use:
brew install https://raw.githubusercontent.com/realestate-com-au/credulous/master/brew/credulous.rb
Bash Completion
Bash completion for subcommands and credentials is available (but waiting on inclusion in packages).
Till then, source credulous.bash_completion
will do the trick. OSX users will need to brew install bash_completion
Usage
Storing your current credentials in Credulous
$ export AWS_ACCESS_KEY_ID=YOUR_AWS_ID
$ export AWS_SECRET_ACCESS_KEY=XXXXXXXXXXX
$ credulous save # Will ask credulous to store these credentials
# saving credentials for user@account
Displaying a set of credentials from Credulous
$ credulous source -a account -u user
export AWS_ACCESS_KEY_ID=YOUR_AWS_ID
export AWS_SECRET_ACCESS_KEY=XXXXXXXXXXX
Development
Required tools:
Make sure you have GOPATH set in your environment
Download the dependencies
$ go get -u # -u will update existing dependencies
Install the binary in your $GOBIN
$ go install
Tests
First we make sure we have our dependencies
go get -t
Just go into this directory and either
goconvey
< Go to localhost:8080 in your browser >
Or just run
go test ./...
Roadmap
See here