Go Rapture

Shell-integrated CLI for assuming AWS IAM roles
Alternatives To Go Rapture
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
Casbin14,1094622 days ago210September 20, 202222apache-2.0Go
An authorization library that supports access control models like ACL, RBAC, ABAC in Golang
Aws Vault7,360142 days ago78March 08, 202244mitGo
A vault for securely storing and accessing AWS credentials in development environments
Aws Iam Authenticator1,9704516 days ago27July 01, 202217apache-2.0Go
A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster
2 months ago2March 10, 2021105bsd-3-clauseGo
kube2iam provides different AWS IAM roles for pods running on Kubernetes
Configure Aws Credentials1,730
a day ago41mitJavaScript
Configure AWS credential environment variables for use in other GitHub Actions.
5 months ago8January 13, 202220agpl-3.0Python
A tool for quickly evaluating IAM permissions in AWS.
a month ago1July 07, 2021121apache-2.0Go
Integrate AWS IAM with Kubernetes
Rbac Lookup718
16 days ago30July 06, 20228apache-2.0Go
Easily find roles and cluster roles attached to any user, service account, or group name in your Kubernetes cluster
2 years ago6March 21, 202018bsd-3-clausePython
CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.
Terraform Aws Iam607
2 days ago8apache-2.0HCL
Terraform module which creates IAM resources on AWS 🇺🇦
Alternatives To Go Rapture
Select To Compare

Alternative Project Comparisons


Rapture is a shell-integrated CLI tool for assuming AWS IAM roles easily and quickly.

Usage Example

$ rapture whoami

$ rapture alias set admin arn:aws:iam::000011110000:role/admin-power
alias 'admin' was set to 'arn:aws:iam::000011110000:role/admin-power'

$ rapture alias ls
arn:aws:iam::000011110000:role/admin-power admin
arn:aws:iam::302830283028:role/marketing-access marketing

$ rapture assume admin
Assumed role 'arn:aws:iam::000011110000:role/admin-power'

$ rapture whoami

$ rapture resume
Resumed base credentials

$ rapture whoami


  • A machine that can run golang binaries
  • Bash, zsh, or fish


First, install the latest Rapture binary for your platform from Github and copy it to a directory in your PATH. Or if you prefer you can build it yourself (Go 1.12 or higher required):

$ go install github.com/daveadams/go-rapture/cmd/[email protected]

To configure your shell to load Rapture at startup, follow the instructions below for your specific shell.

Bash/Zsh Installation

In your shell startup file (usually ~/.bash_profile or ~/.bashrc; for Zsh usually ~/.zshrc), add the following line:

eval "$( command rapture shell-init )"

Fish Installation

In your Fish startup file (~/.config/fish/config.fish), add the following line:

eval ( command rapture shell-init )

Verifying the setup

Finally, open a new terminal window to verify that Rapture is automatically loaded:

$ rapture check
OK: Rapture is set up correctly

Upgrading from Bash Rapture

Simply remove the command source ~/.rapture/rapture.sh from your shell startup script, and replace it with the new command mentioned above. The old Rapture configuration files will continue to work in the same way.


No configuration is required to start using Rapture, but Rapture will store configuration in config.json, aliases.json, and accounts.json in the ~/.rapture directory.

Environment Variables

Rapture exports the RAPTURE_ROLE environment variable with the user-supplied identifier of the currently-assumed role, either the role alias, or the ARN.

Rapture also exports the RAPTURE_ASSUMED_ROLE_ARN environment variable to the full ARN of the currently assumed role.

Both of these environment variables are unset when base credentials are loaded.

Vaulted integration

Rapture does not manage your secrets for you. But Rapture is integrated with Vaulted for providing secure storage of AWS access keys (and other secrets) in an easily manageable format and for loading them into your environment.

If you have your AWS credentials configured in a vault named default, then you can simply run:

$ rapture init

This will run vaulted on your behalf to load the credentials from the default Vault into your current environment. Or you can specify a different vault name:

$ rapture init awsvault

If you set a value for default_vault in ~/.rapture/config.json, Rapture will use that name instead of default as the default vault to decrypt.


This software is public domain. No rights are reserved. See LICENSE for more information.

Popular Role Projects
Popular Iam Projects
Popular Security Categories
Related Searches

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Amazon Web Services
Fish Shell
Aws Iam