Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove server subcommand from --help #208

Merged
merged 1 commit into from
Sep 6, 2018
Merged

Remove server subcommand from --help #208

merged 1 commit into from
Sep 6, 2018

Conversation

lox
Copy link
Collaborator

@lox lox commented Dec 22, 2017

Some notes:

The "proxy" server starts up in the background and binds to 169.254.169.254:80, which is what the aws tooling connects to. It needs root permissions to create the iface and bind to a port < 1024. This is what is triggered by aws-vault server. It's meant to be pretty useless on it's own, and simply proxies requests to localhost:9099 if it exists.

The "credential" server is started at the beginning of an aws-vault exec --server invocation and it only runs for the duration of that command. It's the one with the keys to the kingdom, so it binds to localhost:9099.
#174 (comment)

Closes #207.

@lox lox added the wip label Dec 22, 2017
@lox lox mentioned this pull request Dec 22, 2017
Closed
@avram
Copy link
Contributor

avram commented Sep 5, 2018

Is there a reason this PR is marked WIP? looks like the right thing to do-- and I've been confused many times by the tempting command that is in aws-vault --help that I'm not supposed to run.

@lox
Copy link
Collaborator Author

lox commented Sep 5, 2018

@avram the docs are still in progress, but this is probably a useful change on it's own.

@avram
Copy link
Contributor

avram commented Sep 5, 2018

Right-- the actual docs could be improved as well but removing it from aws-vault --help is a big improvement as that is the only place someone would see that this subcommand even exists.

@mtibben mtibben changed the title Improve documentation on the background credential refresh ("server") mode Remove server subcommand from --help Sep 6, 2018
@mtibben mtibben merged commit 055820f into master Sep 6, 2018
@mtibben mtibben deleted the better-document-background-credential-refresh branch October 12, 2018 03:43
This was referenced Apr 4, 2019
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
wip
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@lox @avram @mtibben