Skip to content
/ irsa-tokengen Public

Generate an "AWS_ACCESS_KEY_ID" credentials from IRSA token file

License

Apache-2.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

isaaguilar/irsa-tokengen

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

irsa-tokengen

Generate an AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, and AWS_SESSION_TOKEN from the IRSA AWS_WEB_IDENTITY_TOKEN_FILE and AWS_ROLE_ARN. Some applications that do not support IRSA might find this handy, like Terraform's Go Getter.

Build

Download the repo and make a tiny binary for your pod:

GOOS=linux GOARCH=amd64 go build -ldflags '-s -w' -o irsa-tokengen main.go

Install

Place the build binary somewhere in $PATH.

Usage

Requires the role-arn to assume and the JWT file generally placed into pods automatically with IRSA.

if [[ -s $AWS_WEB_IDENTITY_TOKEN_FILE ]]; then
    export IRSA_TOKENGEN_DURATION_IN_HOURS="2" # Default 1 hour
    export $(irsa-tokengen)
fi

Caveats

The token is only good for 1 hour, even if the IAM Role has a longer duration.

About

Generate an "AWS_ACCESS_KEY_ID" credentials from IRSA token file

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases 2

v1.0.1 release Latest
May 16, 2023
+ 1 release

Packages

No packages published

Languages