1.3.5

Expose the profile name, if it doesn't look like a role ARN, as the env var AWSRUNAS_PROFILE,
so downstream programs can still get access to the profile name using a variable which won't
collide with the AWS SDK operation.

1.3.4

Provide a means to pass the MFA code using the -o command line argument.

By default, the program will prompt for the MFA code if the profile is contains the mfa_serial attribute. The tool now accepts the command line option to allow you to specify the MFA code directly on the command line.

Fixes #35

1.3.3

Fix #33 to correctly handle failures when doing sts.GetCallerIdentity(). Any credentials set via environment variables were being reused after this call failed, instead of getting unset and falling through to the next credential source in the chain.

1.3.2

Fixes #32 where the environment variable setting syntax was incorrect for Windows. Removing the quotes around the environment variable value allowed things to work as expected.

1.3.1

Fix an issue when trying to deescalate super user privileges on Linux platform when using the EC2 Metadata Service. Additionally, allow the use of Linux "capabilities" to enable the use of privileged operations without the need to run the command using sudo when using the Metadata Service.

1.3.0

Move installing the main loop signal handling logic to just before executing the command so we keep the default signal handling mechanics for the rest of the program.

Build a user interface around the built-in EC2 metadata service credential endpoint.

The EC2 metadata service credential feature now comes with a frontend to allow you to switch roles via
your web browser. Run aws-runas --ec2 to get started and point your browser at http://169.254.169.254/ to select a profile name to use for credentials.

The service can also be directly managed via http endpoints on the service. More info can be found in the documentation

Signed executables for Windows will also be provided from this point forward, in addition to the unsigned versions.

1.2.1

Fix #30 so that we forward Interrupt and Quit signals to the wrapped command without causing aws-runas to explicitly exit. This creates more sane behavior when running an interactive command such as the SSM Session Manager.

1.2.0

Enable the use of EC2 instance profile credentials to assume a role
Add some more logging when early startup errors are encountered

Under the covers, the code base was migrated from dep to go modules for dependency management, and the backend library was refactored to unwind some spaghetti code and properly namespace the various components.

The logging library was changed from logo to simple-logger to use a logger compatible with the AWS SDK logger so we can surface previously hidden AWS SDK messages.

1.1.2

Official release of 1.1.2

1.1.1

Provide better handling for cases where aws-runas was started with AWS role credentials instead of user credentials.