Versions:
aws-vault by 99designs is a security-oriented utility created to isolate and encrypt Amazon Web Services credentials so that plaintext access keys never reside on disk or in shell history during day-to-day development. Operating as a lightweight background daemon, the tool keeps long-term credentials inside the operating-system keystore—macOS Keychain, Windows Credential Manager, or Linux Secret Service—and then generates short-lived, on-demand session tokens that are injected into environment variables or local profiles. This design lets engineers, DevOps teams, and CI/CD pipelines run Terraform, Serverless Framework, AWS CLI, or any SDK-based workflow without exposing permanent secrets, thereby limiting the blast radius of accidental commits or laptop theft. Typical use cases include assuming cross-account roles from a central identity account, rotating keys automatically after a configurable timeout, switching between dozens of named profiles without manual exports, and enforcing multi-factor authentication for every new session. The program is distributed in both open-source and commercially supported forms; the current stable release is 7.2.0, while legacy 6.x branches remain available for environments that require older runtime dependencies. Installation packages exist for Intel and Apple-silicon Macs, 32- and 64-bit Windows, and most mainstream Linux distributions, with binaries also offered for FreeBSD and ARM variants. Configuration is declarative through a simple YAML file that maps profile names to IAM roles, regions, MFA devices, and session durations, allowing entire teams to share the same template under version control. The software is available for free on get.nero.com, with downloads provided via trusted Windows package sources (e.g. winget), always delivering the latest version, and supporting batch installation of multiple applications.
Tags: