Last active
June 18, 2020 11:25
-
-
Save joelittlejohn/08e978aa850e0a1f4f957245669f6d67 to your computer and use it in GitHub Desktop.
Once-per-week rotation of AWS keys stored by aws-vault (alternative to crontab, useful for keychain access)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[ "$(find ~/.rotate -mtime -7 2>/dev/null)" ] || (for p in $(aws-vault list --profiles | grep -v default | grep -v mfa); do aws-vault rotate -n $p; done && touch ~/.rotate) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Once per week, you'll find that this process happens when you start a terminal. This allows access to the keychain without providing a keychain password in a crontab entry.