Show your Tool: awsume

Michael Wittig – 22 Oct 2019

In this series, we present AWS tooling from the community for the community. We talk directly with the tool makers. Who are they? What problem does the tool solve? And what motivates them to contribute to open-source AWS tooling.

Show your Tool

This time, we talk with Michael Barney about awsume. You can find Michael on GitHub and Twitter. Michael also has a website.

cloudonaut: Tell us a little about yourself, your history with AWS, and your motivation to develop AWS tooling.
Michael Barney: After college, I started at Trek10, an AWS consulting partner specializing in serverless. It was there that I discovered a passion for Serverless. As of writing, I’ve been working with AWS for about two years. I believe that the more AWS tooling evolves, the more enabled developers will be. The tool I’ve worked on, awsume, has helped the team at Trek10 a ton.

cloudonaut: What problem does your tool solve?
Michael Barney: awsume‚ is a command-line tool that grabs AWS credentials (access keys, session token, etc.) and exports them to environment variables. It makes MFA much easier to use, it’s extensible, and it comes with a few cool built-in utilities such as autoawsume, which automatically refreshes your credentials for you in the background.

cloudonaut: Who should use your tool? Who should not?
Michael Barney: The motivation behind the tool was that since the AWS CLI would use the MFA token on the assume-role call, you would have to re-enter your MFA token every hour. What you can do instead is make the get-session-token call on the source profile, which returns MFA credentials that are valid for 12 hours, so you can use those credentials every hour to renew your role credentials, without needing to re-enter your MFA token.

Trek10 does work in multiple accounts for each of our clients, so another motivation behind awsume is that maintaining your config and credentials files became cumbersome. awsume helped in that aspect by being extensible, so we developed a plugin to inject those profiles from our internal database at runtime.

Long story short, awsume is meant to be used by anyone who needs to access an aws account. Whether you’re part of a large complex organization or a hobbyist with a personal account, awsume could definitely help you out.

cloudonaut: Show us a short demo of your tool
Michael Barney: Please check out this short demo.

awsume Demo


Looking for a new challenge?

  • tecRacer

    Cloud Consultant

    tecRacer • Premier AWS Consulting Partner • Germany, Austria, Portugal, and Switzerland
    AWS only Infrastructure as Code EC2 Containers Serverless
  • tecRacer

    Cloud Migration Specialist

    tecRacer • Premier AWS Consulting Partner • Germany, Austria, Portugal, and Switzerland
    Lift&Shift Transformation EC2 RDS VPC

Basically, you run awsume <profile_name>, but there’s plenty of other ways to use awsume. Check out the documentation to learn about all features.

cloudonaut: How can we use your tool?
Michael Barney: Follow the quickstart guide at https://awsu.me/general/quickstart.html.

On most machines, you should be able to pip install awsume, restart your terminal, and it’ll work.

cloudonaut: Where can we find more information about your tool?
Michael Barney: I would check out the awsume website.

cloudonaut: Are you aware of tools that solve a similar problem than yours? What’s the difference?
Michael Barney: There are a few, namely aws-vault. As someone that hasn’t used it, it’s hard to talk about the differences, but I do know that aws-vault stores your credentials in the macOS Keychain, Windows Credential Manager, etc. as opposed to the default config and credentials files.

cloudonaut: What’s the roadmap for your tool? Are you planning any significant releases?
Michael Barney: There isn’t a public roadmap. You could check the GitHub repo for open issues and feature requests, so if you want it to do something that it doesn’t already, feel free to open an issue.

cloudonaut: How do you stay motivated to maintain your open source project?
Michael Barney: Working at a company that encourages best practices and thought leadership like Trek10, it’s pretty easy to stay motivated. I love good software.

cloudonaut: Are you attending any conferences within the next few months where the community can get in touch?
Michael Barney: I should be attending ServerlessConf this year.

What tools do you use to make your AWS work easier? Share your favorite tool with us!

Become a cloudonaut supporter

Michael Wittig

Michael Wittig ( Email, Twitter, or LinkedIn )

We launched the cloudonaut blog in 2015. Since then, we have published 350 articles, 45 podcast episodes, and 38 videos. It's all free and means a lot of work in our spare time. We enjoy sharing our AWS knowledge with you.

Please support us

Have you learned something new by reading, listening, or watching our content? With your help, we can spend enough time to keep publishing great content in the future. Learn more

$
Amount must be a multriply of 5. E.g, 5, 10, 15.

Thanks to Alan Leech, Alex DeBrie, ANTHONY RAITI, Christopher Hipwell, Jaap-Jan Frans, Jason Yorty, Jeff Finley, Jens Gehring, jhoadley, Johannes Grumböck, John Culkin, Jonas Mellquist, Juraj Martinka, Kamil Oboril, Ken Snyder, Ross Mohan, Ross Mohan, sam onaga, Satyendra Sharma, Shawn Tolidano, Thorsten Hoeger, Todd Valentine, Victor Grenu, and all anonymous supporters for your help! We also want to thank all supporters who purchased a cloudonaut t-shirt.