Comments (3)
Hey - I'm glad that this plugin has been useful for you!
I just looked into what aws-vault exec
is doing and I think it might be possible - there are a few options that I can think of:
Hacky Option
I think one solution would be to trigger a new shell (in a subshell), grabbing the ENV
variables from that shell, setting them in the existing shell, and killing the new subshell.
I don't love this option - it feels pretty hacky, but could work.
Another idea
What if, instead, the behavior exited out of your session and re-ran avsh $profile
for you? Since we know the profile from ENV
variables, we should be able to do that and it would be easier / more reliable than the other option.
I know this isn't exactly what you're asking for, so let me know.
from zsh-aws-vault.
Thanks for the prompt response! The main concern I have with the second proposal is that your active directory will jump back to where you were before you launched the first subshell. Additionally this would remove any temporary session variables that you had in your shell at the time.
The first proposal, while hacky, allows you to preserve the state of your active shell.
from zsh-aws-vault.
Thanks for the additional context. I am a bit worried about adding this behavior to this plugin directly. Because of the sensitive nature of these tokens, I don't want to take on the potential risk of exposing credentials based on an implementation decision here.
That said, I have a few other ideas to pose:
-
You could post over on aws-vault on this issue (99designs/aws-vault#72), which sounds like what we'd need to do this easily via delegation. The issue was closed for lack of context, but maybe you could reopen with the context you provided.
-
Use the
--server
feature (docs). From the docs:
Local EC2 Instance Metadata server is started. This approach has the advantage that anything that uses Amazon's SDKs will automatically refresh credentials as needed, so session times can be as short as possible. The downside is that only one can run per host and because it binds to 169.254.169.254:80, your sudo password is required.
That might work around your problem since tokens are automatically refreshed.
For now, I'm going to close this issue as "won't fix" because of the potential security concerns I mentioned above. That said, if aws-vault adds behavior that unsets and refreshes your environment variables, I'd be more than happy to add it to this project.
from zsh-aws-vault.
Related Issues (8)
- Adding the prompt? HOT 6
- Merge reegnz/aws-vault-zsh-plugin zsh completion script HOT 1
- aws profile autocomplete not working in some cases HOT 2
- Latest version opens chrome window that is not maximized HOT 3
- Allow hiding `default` login in prompt_segment
- Remove qoutes from browser option var HOT 2
- Specify yubikey otp profile does not work anymore? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from zsh-aws-vault.