Simplifying AWS Credentials Management with Awsume

Charu Srivastava

2024.04.11

Hi, I am Charu from Classmethod. In this blog, we'll go through the steps to install and use Awsume effectively. Awsume is a powerful command-line tool that simplifies the process of managing AWS credentials, making it easier than ever to switch between different AWS accounts and roles seamlessly.

Let's get started!

The first step is to install Awsume on your machine. Awsume is written in Python and can be installed via pip or pipx, Python's package manager. Open your terminal and run the following command:

pipx install awsume
pip install awsume

If you don't have pipx, you can install it from here.

brew install pipx

Run the following command to add the directory where pipx installs executable files to your system's PATH,

pipx ensurepath

To check if Awsume is installed properly, run this command,

pipx list | grep awsume

Before diving into Awsume, ensure that you have your AWS credentials configured properly. You can do this by editing the ~/.aws/config and ~/.aws/credentials files.

Type cat ~/.aws/config and check the content. It should look something like this,

[default]
region=ap-northeast-1
output=json

[profile YOUR-PROFILE-NAME]
region = ap-northeast-1
mfa_serial = arn:aws:iam::xxxxxxxxxxxx:mfa/abc
role_arn = arn:aws:iam::yyyyyyyyyyyy:role/abc
source_profile = default

Let's check our credentials file next. Type cat ~/.aws/credentials in the terminal. It should look something like this,

[default]
aws_access_key_id = YOUR_ACCESS_KEY_ID
aws_secret_access_key = YOUR_SECRET_ACCESS_KEY

Replace 'YOUR_ACCESS_KEY_ID' and 'YOUR_SECRET_ACCESS_KEY' with your actual AWS access key ID and secret access key.

You can view your profiles by typing the following command:

awsume -l

Now, let's assume an AWS IAM role using Awsume. The basic syntax for assuming a role is:

awsume [profile-name]

Replace with the name of the AWS profile containing the IAM role you want to assume. For example:

awsume my-aws-profile

It will ask you to enter your MFA code if you have MFA enabled.

Now that you've assumed the desired AWS IAM role, you can use the AWS CLI as usual. For example, to list the S3 buckets in your AWS account:

aws s3 ls

Conclusion:

With Awsume, managing AWS CLI authentication becomes very easy. No more manual credential input is needed. By simplifying the process of assuming AWS IAM roles, Awsume empowers you to focus on your tasks without unnecessary distractions. Give Awsume a try today and experience the convenience firsthand!

Thank you for reading!

Happy Learning!