When I started my new job in the fintech world, I knew security was going to be tight and paramount. I didn’t, however, realize how annoying security was going to be, too.
One of the security measures we use for accessing AWS is multi-factor authentication via an authentication app. Accessing a site with it is easy-peasy: get the prompt and enter your code. Accessing non-web resources (like repos) is a bit more cumbersome.
So cumbersome, in fact, we had a script that we used to handle it. It wasn’t compatible across multiple OSes, it wasn’t pretty (but was functional), and wasn’t all the cute.
During the early days after onboarding but before I really had my wits about me to dive into projects, I took the time to write Marvin, a friendly, pure-Python script for handling your authentication.
""" Refresh your AWS MFA session with Marvin. To run: > python marvin.py standard Expected setup of ~/.aws/credentials: > [standard] <- You can change this > region=us-east-2 <- optional, see -r/--region and [fetchmfa].region > > [fetchmfa] > aws_access_key_id=[...] > aws_secret_access_key=[...] > mfa_serial=arn:aws:iam::XXX:mfa/<AWS USER ID> > session_duration=129600 <- optional, see -t/--duration > region=us-east-2 <- option, see -r/--region and [standard].region """