Fri, 14 Jul 2017

In case you’ve missed it, AWSume is a cross-platform AWS command-line tool that makes working with the AWS CLI under different profiles or roles super easy. You no longer have to manually set environment variables, or pass the --profile <profile_name> to the end of your AWS CLI calls. When you have your profiles correctly set up, you can simply run awsume <profile_name>, and AWSume will do the work for you!

Check it out on GitHub!

AWSume works by setting your AWS environment variables. This way, any further AWS CLI calls you make will be under the profile you AWSume’d, until the profile credentials expire.

Before, we had to maintain three different code-bases for the various platforms that we want to support. It took a long time to update it and add new features. There were many steps involved in the installation, too.

The Solution - AWSumepy, but why Python?

We have moved the core of what AWSume is from the shell scripts into the Python script awsumepy. But why?

  • Cross-Platform
    • Python is a language that allows you to build packages that will work cross-platform (macOS, Linux, Windows).
  • One Code-Base
    • Because we have one code-base for the core of AWSume, it is easier to update AWSume and add new features.
  • Easier to Maintain
    • Because AWSume works through setting environment variables, we still need small awsume shell wrappers for each platform we support. However, since the work has been taken from the shell and put on Python, maintaining these shell scripts is much easier.
  • The AWS CLI depends on Python
    • Since the AWS CLI depends on Python, it made sense to create an AWS CLI tool in Python.
  • Faster
    • AWSume being run in Python is incrementally faster than it’s previous shell script counterparts.
  • Simple to Install
    • AWSume is now super easy to install, it only requires one command:<pre><code>pip install awsume</code></pre>
    • After that, you’re ready to use AWSume!

Also Introducing: autoAWSume!

AWS role credentials are only valid for a maximum of an hour. This means that you need to call AWSume once for every hour that you work under that role. Now, we have developed an AWSume auto-refresher! By simply passing the -a option to AWSume with the given role, you’ll spawn a background process that refreshes roles that are about to expire, for as long as the role’s source profile’s credentials are valid. Once there are no more roles to refresh, autoAWSume stops running.

Check it out on GitHub!

Michael Barney Trek10
Michael Barney

DevOps Engineer

Michael started his career out in the serverless world, joining the Trek10 team right out of college - a true Serverless Native.