v4.0.0

Fixed

• exe file extension on Windows build #123
• Regressions that unnecessarily prompted for keychain access #138 #139 #140 #145
• A number of bugs in key rotation #134

Added

• exec --server support for linux #118
• AWS_ASSUME_ROLE_TTL environment variable for exec --assume-role-ttl #128

Removed

• Drop support for reading existing AWS keys from env vars or ~/.aws/credentials when using exec. Instead we only use the keys stored in aws-vault #142

Changed

• The keyring package was extracted to https://github.com/99designs/keyring, it provides a common interface to a range of secure credential storage services #146
• Better error messages #127
• Improvements to docs #120 #121
• General improvements to code quality, testing and CI #119 #130 #136 #148

v3.7.1

Fixed:

• Fix terminal input in windows #113

Security:

• Update jose2go dependency #117

v3.7.0

Added

• Support login for profiles that don't have role_arn's

v3.6.1

Fixed

• Show error when using a profile without source_profile #105
• Fixes the exit code of aws-vault exec to be that of the subcommand executed #107

v3.6.0

• If role_session_name is available in ~/.aws/config it's now used in place of the Unix timestamp for the session name #87
• If there is a role to be assumed, use the IAM credentials with AssumeRole rather than GetSessionToken. This allows session expiry of 12 hours #92
• Fix cross compiled binaries in Linux #94
• Added the freedesktop.org's Secret Service as a backend #98
• aws-vault login now logs into the region set in the profile config #103

v3.5.0

• Fixes macOS Sierra (10.12) compatibility #85 #88
• Use a more modular kingpin cli configuration #74

v3.4.0

• adds the --stdout parameter to aws-vault login to print the login URL to the console instead of opening the default application/browser

v3.3.0

• Add an --assume-role-ttl flag to control duration of assumed role TTL
• Add a basic file backend and the ability to choose backends with --backend or AWS_VAULT_BACKEND env
• Don't clobber AWS_CONFIG_FILE in subshells (might break things, see #65)
• Add a rotate command for automating key rotation (woot, thanks @sj26)

v3.3.0 (experimental)

• Add an --assume-role-ttl flag to control duration of assumed role TTL
• Add a basic file backend and the ability to choose backends with --backend or AWS_VAULT_BACKEND env
• Don't clobber AWS_CONFIG_FILE in subshells (might break things, see #65)
• Add a rotate command for automating key rotation (woot, thanks @sj26)

v3.2.0

• Support different prompt drivers. Use --prompt=osascript to get a dialog prompt on osx
• Terminal prompt driver now writes to stderr (#56)
• Add a --no-session flag to exec to use root credentials (See #15)
• login command now opens in default browser