- Go 98.3%
- Makefile 1.1%
- Shell 0.6%
|
|
||
|---|---|---|
| contrib | ||
| op | ||
| test/fixture | ||
| .drone.yml | ||
| .gitignore | ||
| .goreleaser.yaml | ||
| go.mod | ||
| go.sum | ||
| main.go | ||
| Makefile | ||
| README.md | ||
1Password credentials
A tool that uses the op 1Password command line interface to fetch credentials
and reformat them into a easy format for other tools to use. This includes
fetching of AWS credentials and outputting them for usage with
.aws/credentials file.
Requirements
- pinentry
- op (1Password cli)
Installation
Download the latest release for you architecture.
- Unpack with
tar -zxvf op-credentials_Linux_x86_64.tar.gz - Fix permissions and move into place,
chmod 755 op-credentials && sudo chown root:root op-credentials && mv op-credentials /usr/local/bin/ - Done!
Add keys in your 1Password vault
op-credentials support the item type API Credential. Add your AWS
credentials to a vault of you choice and remember their name.
Usage
op-credentials has two modes, either you can use op-credentials to wrap op CLI or you can pipe json output from op to op-credentials.
# Pipe output from op to op-credentials
$ op item get --format json op-credential | op-credentials --output aws
# Find and output credential
$ op-credentials --output aws op-credential
Providers
Setup AWS credentials
op-credentials will fetch a API Credential item from 1Password using op and
transform it into a AWS CLI credentials object. This allows for usage in the
.aws/credentials file.
[profile default]
credential_process = op-credentials --output aws --vault cli aws-default
Caveats
Permissions and ownership
To use command with 1Password GUI auth the binary needs to fullfill 3 criteria:
- Owned by root
- Permission is 755
- Location is in
/usr/bin,/usr/local/binor similar