← all formulae

aws-vault

brew install aws-vault v7.12.3 MIT

Go command-line tool that securely stores AWS credentials in your OS keychain and generates temporary session tokens for CLI/application access.

Why you might care

Keeps long-lived AWS credentials out of plain-text config files by storing them in the system keystore, then vending short-lived temporary credentials. Integrates directly with `~/.aws/config` profiles and supports MFA prompts, making it a drop-in workflow enhancement for AWS CLI users who want better credential hygiene without abandoning their existing setup.

Categories

aws credential-manager security

Alternatives

aws-cli saml2aws granted leapp

3.9k

30-day installs · #709

12.0k

90-day · #734

46.0k

365-day · #718

374

★ GitHub stars · updated 2d ago

Build dependencies

go

GitHub topics

aws aws-vault cli credentials iam keychain mfa temporary-credentials

Links

https://github.com/ByteNess/aws-vault
GitHub: ByteNess/aws-vault
Brew formula source: Formula/a/aws-vault.rb

Blurb generated by claude-haiku-4-5 on today.

Raw metadata

{
  "aliases": [],
  "alternatives": [
    "aws-cli",
    "saml2aws",
    "granted",
    "leapp"
  ],
  "build_dependencies": [
    "go"
  ],
  "categories": [
    "aws",
    "credential-manager",
    "security"
  ],
  "caveats": null,
  "conflicts_with": [],
  "dependencies": [],
  "deprecated": 0,
  "deprecation_reason": null,
  "desc": "Securely store and access AWS credentials in development environments",
  "disable_reason": null,
  "disabled": 0,
  "enrichment_fetched_at": "2026-06-20T23:35:41+00:00",
  "first_seen": "2026-06-20T23:34:18+00:00",
  "full_name": "aws-vault",
  "github_default_branch": "main",
  "github_last_commit_at": "2026-06-18T21:05:03Z",
  "github_readme_excerpt": "# AWS Vault\n\n[![Downloads](https://img.shields.io/github/downloads/byteness/aws-vault/total)](https://github.com/byteness/aws-vault/releases)\n[![Continuous Integration](https://github.com/byteness/aws-vault/workflows/Continuous%20Integration/badge.svg)](https://github.com/byteness/aws-vault/actions)\n\n\u003e [!NOTE]\n\u003e This is a maintained fork of https://github.com/99designs/aws-vault which is an abandoned project.\n\u003e Contributions are welcome and preferably please open an [issue](https://github.com/ByteNess/aws-vault/issues) first.\n\nAWS Vault is a tool to securely store and access AWS credentials in a development environment.\n\nAWS Vault stores IAM credentials in your operating system\u0027s secure keystore and then generates temporary credentials from those to expose to your shell and applications. It\u0027s designed to be complementary to the AWS CLI tools, and is aware of your [profiles and configuration in `~/.aws/config`](https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html#cli-config-files).\n\nCheck out the [announcement blog post](https://99designs.com.au/tech-blog/blog/2015/10/26/aws-vault/) for more details.\n\n## Installing\n\nYou can install AWS Vault:\n- by downloading the [latest release](https://github.com/byteness/aws-vault/releases/latest)\n- using [Homebrew](https://formulae.brew.sh/formula/aws-vault): `brew install aws-vault`\n- on Windows with [Chocolatey](https://chocolatey.org/packages/aws-vault): `choco install aws-vault` ([repo](https://github.com/gusztavvargadr/aws-vault-chocolatey) by [Guszt\u00e1v Varga](https://github.com/gusztavvargadr))\n- on [NixOS](https://search.nixos.org/packages?channel=unstable\u0026query=aws-vault): `nix-env -iA nixos.aws-vault`\n\n## Documentation\n\nConfig, usage, tips and tricks are available in the [USAGE.md](./USAGE.md) file.\n\n## Vaulting Backends\n\nThe supported vaulting backends are:\n\n| Internal name | Backend | How it works | Platforms |\n| --- | --- | --- | --- |\n| `keychain` | [macOS Keychain](https://support.apple.com/",
  "github_repo": "ByteNess/aws-vault",
  "github_stars": 374,
  "github_topics": [
    "aws",
    "aws-vault",
    "cli",
    "credentials",
    "iam",
    "keychain",
    "mfa",
    "temporary-credentials"
  ],
  "homepage": "https://github.com/ByteNess/aws-vault",
  "homepage_og_description": null,
  "homepage_og_image": null,
  "homepage_title": null,
  "installs_30d": 3873,
  "installs_365d": 46049,
  "installs_90d": 12036,
  "keg_only": 0,
  "keg_only_reason": null,
  "last_seen": "2026-06-20T23:34:18+00:00",
  "license": "MIT",
  "llm_generated_at": "2026-06-20T23:46:34+00:00",
  "llm_model": "claude-haiku-4-5",
  "name": "aws-vault",
  "oldnames": [],
  "one_liner": "Go command-line tool that securely stores AWS credentials in your OS keychain and generates temporary session tokens for CLI/application access.",
  "optional_dependencies": [],
  "rank_30d": 709,
  "rank_365d": 718,
  "rank_90d": 734,
  "raw_hash": "4006c62317717fc1",
  "recommended_dependencies": [],
  "revision": 0,
  "ruby_source_path": "Formula/a/aws-vault.rb",
  "tap": "homebrew/core",
  "test_dependencies": [],
  "uses_from_macos": [],
  "version_head": "HEAD",
  "version_stable": "7.12.3",
  "versioned_formulae": [],
  "why_use_this": "Keeps long-lived AWS credentials out of plain-text config files by storing them in the system keystore, then vending short-lived temporary credentials. Integrates directly with `~/.aws/config` profiles and supports MFA prompts, making it a drop-in workflow enhancement for AWS CLI users who want better credential hygiene without abandoning their existing setup."
}