Python 3.6+ library to enable programmatic Azure AD auth against AWS
Project description
aws_azuread_login
Python 3.6+ library to enable ADFS auth against AWS
Installation
pip install aws-azuread-login
Usage
import aws_azuread_login
import botocore
import json
# authenticate against azuread application url
roles = aws_azuread_login.authenticate(os.environ['AWS_AZUREAD_ENTRY_URL']
# get creds one by one
for role in roles:
try:
print(f'Getting credentials for role {role.role_name} in account {role.account}...')
credentials = role.get_credentials()
client = credentials.get_client('ec2')
response = client.describe_instances()
print(json.dumps(response['Reservations'], indent=2, default=str))
except botocore.exceptions.ClientError as e:
print(f'\t 👎 Error getting credentials, skipping: {type(e)}, {str(e)}')
# get them all at once ('sts.AssumeRole' role errors are handled by aws_azuread_login)
multiple_credentials = aws_azuread_login.get_multiple_credentials(roles)
for credentials in multiple_credentials:
client = credentials.get_client('ec2')
response = client.describe_instances()
print(json.dumps(response['Reservations'], indent=2, default=str))
# get clients in different regions
for credentials in multiple_credentials:
client = credentials.get_client('ec2')
response = client.describe_regions()
for region in response['Regions']:
region_name = region['RegionName']
print(f'Creating client for region {region_name}...')
client = credentials.get_client('ec2', region_name=region_name)
response = client.describe_instances()
print(json.dumps(response['Reservations'], indent=2, default=str))
# control the session duration, e.g. 12 hours (default is 1 hour)
credentials = roles[0].get_credentials(duration_seconds=60*60*12)
multiple_credentials = aws_azuread_login.get_mutiple_credentials(roles, duration_seconds=60*60*12)
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
aws_azuread_login-1.2.tar.gz
(5.3 kB
view hashes)
Built Distribution
Close
Hashes for aws_azuread_login-1.2-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 6400f997bb8df8276da4985dd3836e3c4cf4df2bddde59e68a88828dede8a035 |
|
MD5 | be8894d63917497935b57305a99d079e |
|
BLAKE2b-256 | e69f11f714dab96b43443a229a2c8d9733f0235ac6b1d68a1c5751a3bad77c6b |