Created this simply as a way to to experiment with using the Django REST Framework to create an AWS Token Vending Machine.
- Poetry
- sqlite3 libraries
- A set of IAM credentials in one of the standard locations Boto3 can find.
- An IAM Role named
tvmtest
configured in each account you wish to return credentials for, e.g.arn:aws:iam::{account}:role/tvmtest
-
poetry shell
-
poetry install
-
./src/manage.py migrate
-
./src/manage.py createsuperuser
In this setup doc we'll just use
admin/welcome
. -
./src/manage.py runserver
-
Login to http://localhost:8000/admin and add a Command entry which consists of a Command name which will be called via the API and the AWS IAM Identity policy document. Make sure you also check the
Enable
box. -
Call the API using curl
curl -H 'Accept: application/json; indent=4' -u admin:welcome http://127.0.0.1:8000/api/v1/credentials/<command>/<account>/
Command being the Command model entry you created, account being an AWS account number to assume the standard IAM Role in and return credentals for.