Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
.. image:: https://img.shields.io/pypi/v/aws-tools.svg?maxAge=0 :target: https://pypi.org/project/aws-tools/ :alt: PyPI
This package provides tools for AWS platform, such as:
and others.
The main reason why aws-tools came to be, was using awscli
_ with different access keys in the secure and easy way.
Switching between AWS accounts:
::
$ awsenv test
<test> $ aws s3 ls
...list of S3 objects on TEST environment...
### Explanation:
### <test> $ env | grep AWS
### AWS_SECRET_ACCESS_KEY=w0bM0rucARITPOUpcyAaX3iI9lGjJo7g8UUCUxIv
### AWS_ACCESS_KEY_ID=AKIAJPVK7VGH6CBZT5EQ
### AWS_ENV=test
<test> $ awsenv prod
<prod> $ aws s3 ls
...list of S3 objects on PROD environment...
### Explanation:
### <prod> $ env | grep AWS
### AWS_SECRET_ACCESS_KEY=P8crbSIvQ/Au0jfnW8XER9eJKxpQdYqpRVz5QxKo
### AWS_ACCESS_KEY_ID=AKIAJ4F26CMBPI1HF7MQ
### AWS_ENV=prod
Renewing AWS API access keys:
::
$ awsenv prod
### Explanation:
### <prod> $ env | grep AWS
### AWS_SECRET_ACCESS_KEY=P8crbSIvQ/Au0jfnW8XER9eJKxpQdYqpRVz5QxKo
### AWS_ACCESS_KEY_ID=AKIAJ4F26CMBPI1HF7MQ
### AWS_ENV=prod
<prod> $ awsroll prod
Rolled key for env prod: AccessKeyId=****************ZKQFQ; CreateDate=2018-11-14 13:10:04+00:00
<prod> $ awsenv prod
### Explanation:
### <prod> $ env | grep AWS
### AWS_SECRET_ACCESS_KEY=napb9J2RKzsSiTIjLRavN09qIfFzrMo7846zr2ou
### AWS_ACCESS_KEY_ID=AKIAJTGB6EFV7F4ZKQFQ
### AWS_ENV=prod
..
Prerequisites:
aws-tools requires gpg (version >= 2.X) to decrypt/encrypt your AWS credentials.
Install necessary packages, and generate a new key pair:
::
$ sudo apt-get install gpg gpg-agent
$ gpg --gen-key
..
This document covers only gpg commands required to run aws-tools! If
you need to use other gpg parameters, go to gpg documentation.
Configure your region using awscli
_ if you haven't done that yet:
::
$ aws configure
AWS Access Key ID [None]:
AWS Secret Access Key [None]:
Default region name [None]: eu-west-1
Default output format [None]:
..
Do not provide any keys here!
Installation
Simply run:
::
$ pip install --user aws-tools
Configuration
AWS Credentials ^^^^^^^^^^^^^^^
In ~/.aws
directory create temporary env.<environment>.conf
file
for each AWS environment.
For example, if you have 3 AWS environments: TEST, STAGE and PROD, there
should be 3 config files in ~/.aws
directory:
::
env.test.conf
env.stage.conf
env.prod.conf
Edit each file:
.. code:: cfg
[default]
aws_access_key_id = <your_environment_specific_access_key_id>
aws_secret_access_key = <your_environment_specific_secret_access_key>
Encrypt each file with gpg:
::
$ gpg --encrypt --armor --output env.<environment>.conf.asc -r <your-gpg-user-id-name> env.<environment>.conf
and remove temporary env.*.conf
files!
..
Run ``gpg -K`` to find out what is your ``<your-gpg-user-id-name>``
Shell ^^^^^
aws-tools comes with handy command completion and bash prompt features.
Simply add to your ~/.bashrc
:
.. code:: cfg
source $HOME/.local/bin/aws_tools_completion.bash 2>/dev/null
export PS1="\$(__awsenv_ps1 2>/dev/null)${PS1}"
SMTP credentials (optional) ^^^^^^^^^^^^^^^^^^^^^^^^^^^
This step is helpful if you want to send renewed AWS access keys to an email.
In ~/.aws
directory create temporary smtp.cfg
file.
Edit smtp settings:
.. code:: cfg
smtplogin = <your_full_smtp_login>
smtppass = <your_password>
smtphost = <smtp_host>
smtpport = <smtp_port>
Encrypt config file with gpg:
::
$ gpg --encrypt --armor --output smtp.cfg.asc -r <your-gpg-user-id-name> smtp.cfg
and remove temporary smtp.cfg
file!
Examples
Autocompletion:
::
$ awsenv<TAB><TAB>
prod stage test
Use TEST access keys:
::
$ awsenv test
Unset AWS access keys for current shell:
::
$ awsenv unset
Rotate PROD access keys:
::
$ awsroll prod
Rotate access keys for all environments:
::
$ awsroll
Rotate access keys for all environments using gpg agent, and send them to the email:
::
$ aws-roll-keys.py -a -e all -s <email@domain.org>
Rotate access keys for TEST environment and send info to the email:
::
$ aws-roll-keys.py -e test -i <email@domain.org>
.. _awscli: https://pypi.org/project/awscli/
FAQs
Switching between multiple AWS accounts & renewing API access keys
We found that aws-tools demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.