Automic VaultAutomic Vault

brew

使用 Homebrew, Nix 安装 awsume

查看 awsume 的安装路径、可执行文件、元数据以及面向 AI 代理工作流的安全说明。

安装

其他安装命令

macOS

Homebrew已验证 · 100%
brew install awsume

local Homebrew formula metadata

Linux

Nix已验证 · 92%
nix profile install nixpkgs#awsume

nixpkgs package indexes · pkgs/by-name/aw/awsume/package.nix · 来源: api.github.com

概览

软件包摘要

Utility for easily assuming AWS IAM roles from the command-line

命令和别名

  • autoawsume
  • awsume
  • awsume-autocomplete
  • awsume-configure
  • awsume.bat
  • awsume.fish
  • awsume.ps1
  • awsumepy

历史

项目历史与用法

AWSume is a command-line utility for assuming AWS IAM roles and exporting the resulting credentials into the user's shell environment. It is built around a daily AWS workflow: move between profiles, MFA-backed sessions, and role chains without hand-editing environment variables.

项目历史

The `trek10inc/awsume` repository was created in March 2016. Its official documentation describes AWSume as a utility for retrieving and exporting AWS credentials from AWS shared config and credentials files, including profiles that require MFA or assume-role calls.

By the v4 era, the docs emphasized shell integration: on Unix-like systems AWSume needs to be sourced or aliased because a child process cannot update a parent shell's environment. The project also grew plugin and extra-feature support, including SAML, fuzzy matching, console helpers, auto-refresh, role chaining, and credential export back into AWS profile files.

采用历史

AWSume's adoption is mostly among developers and operators managing many AWS accounts or roles. That is a common agency, consulting, and platform-team problem: the standard AWS shared profile format is flexible, but repeatedly calling STS and exporting temporary credentials is tedious.

The official docs recommend pipx or pip rather than Homebrew, while the Homebrew formula still exists for users who prefer system package managers. That split is worth noting: package-manager availability is convenient, but the project itself treats Python packaging as the official install path.

使用方式

A normal workflow is `awsume <profile_name>` after shell alias setup. AWSume reads `~/.aws/config` and `~/.aws/credentials`, handles MFA or role assumption when needed, then sets variables such as `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, `AWS_SESSION_TOKEN`, `AWS_PROFILE`, and region variables.

AWSume stores its own configuration at `~/.awsume/config.yaml` by default, or `${XDG_CONFIG_HOME}/awsume/config.yaml` when XDG config is set. It also caches MFA-authenticated credentials under `~/.awsume/cache/` according to the official overview.

为什么软件包爱好者会关心

AWSume is important for package nerds because it highlights a packaging wrinkle: some command-line tools are not just executables, they must integrate with the parent shell. The install is only half the story; aliases, shell wrappers, and PATH behavior determine whether it actually works.

It also belongs to the larger AWS credential-helper family: focused tools that do not replace AWS CLI but make AWS CLI, SDKs, and arbitrary subprocesses easier to use safely with temporary credentials.

时间线

  • 2016: Public GitHub repository `trek10inc/awsume` created.
  • 2019: v4.0.0-era tag/commit appears in the repository history.
  • 2020: v4.5.0 release commit recorded.
  • 2024: Official docs mention 4.5.x credential_process support and 4.4.x role-chaining improvements.

Related projects

  • AWS CLI and AWS SDKs consume the environment variables and shared credentials AWSume manages.
  • AWS STS AssumeRole and GetSessionToken are the AWS API operations behind many AWSume workflows.
  • awsume-console-plugin and other AWSume extras extend the core credential workflow.

安全态势

尚未找到受保护工具覆盖

没有找到 awsume 的匹配本地密钥处理 manifest。Nucleus 软件包元数据仍在此发布,以便未来覆盖拥有稳定的软件包 URL。

安装行为

  • formula 元数据中未记录 Homebrew post-install 钩子。
  • Homebrew bottle 元数据适用于 6 个平台目标。
  • 安装时包含 2 个运行时依赖。

建议审查

在无人值守的代理使用前,请检查该工具是否读取明文凭据、写入远程状态、发布制品或调用插件。

local files

Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.

Configuration files

Config paths the tool may read or write during local use.

Unix
~/.awsume/config.yaml${XDG_CONFIG_HOME}/awsume/config.yaml~/.aws/config

Credential files

Credential-bearing paths to review before unattended agent runs.

Unix
~/.aws/credentials

可执行文件

已安装的可执行文件

命令类型暴露范围备注
autoawsumecli全局可执行文件
awsumecli全局可执行文件
awsume-autocompletecli全局可执行文件
awsume-configurecli全局可执行文件
awsume.batcli全局可执行文件
awsume.fishcli全局可执行文件
awsume.ps1cli全局可执行文件
awsumepycli全局可执行文件

新鲜度

版本和新鲜度

这些信号区分页生成时间、软件包管理器活动和上游发布比较。只有存在证据 URL 和可比较版本时,才会提示版本落后。

页面生成时间2026-07-08
管理器版本4.5.5
管理器更新时间2026-06-22
本地数据OK
上游当前
检测到的最新版本4.5.5

https://github.com/trek10inc/awsume

  • OK没有生成新鲜度警告。

安装元数据

软件包元数据

软件包键brew:awsume
版本4.5.5
软件包管理器Homebrew
软件包管理器页面https://formulae.brew.sh/formula/awsume
主页https://awsu.me
仓库https://github.com/trek10inc/awsume
上游文档https://awsu.me/
许可证MIT
源码归档https://github.com/trek10inc/awsume/archive/refs/tags/4.5.5.tar.gz
最后更新2026-06-22T09:49:41-04:00
Pulseupdated
依赖libyaml, python@3.14
macOS 提供的库sqlite
Bottle可用 (于 arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-install未定义
服务未声明

注册表事实

源数据库详情

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Nameawsume
Version Scheme0
Revision1
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

源数据库匹配

其他软件包管理器记录

匹配项来自外部软件包管理器索引,并与本地 Automic Vault 软件包链接分开显示。

Nix95%

awsume

nix profile install nixpkgs#awsume
  • normalized package name match
  • 匹配方式:Awsume
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/aw/awsume/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

来源线索

由仓库数据生成

此页面由 av-webscripts/generate-pkg-sqlite.py 生成的私有软件包 SQLite 工件提供。

使用的来源

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated configuration and credential file locations
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment