Python 3.6+ library to enable programmatic Azure AD auth against AWS
Project description
aws_azuread_login
Python 3.6+ library to enable ADFS auth against AWS
Installation
pip install aws-azuread-login
Usage
import aws_azuread_login import botocore import json # authenticate against azuread application url roles = aws_azuread_login.authenticate(os.environ['AWS_AZUREAD_ENTRY_URL'] # get creds one by one for role in roles: try: print(f'Getting credentials for role {role.role_name} in account {role.account}...') credentials = role.get_credentials() client = credentials.get_client('ec2') response = client.describe_instances() print(json.dumps(response['Reservations'], indent=2, default=str)) except botocore.exceptions.ClientError as e: print(f'\t 👎 Error getting credentials, skipping: {type(e)}, {str(e)}') # get them all at once ('sts.AssumeRole' role errors are handled by aws_azuread_login) multiple_credentials = aws_azuread_login.get_multiple_credentials(roles) for credentials in multiple_credentials: client = credentials.get_client('ec2') response = client.describe_instances() print(json.dumps(response['Reservations'], indent=2, default=str)) # get clients in different regions for credentials in multiple_credentials: client = credentials.get_client('ec2') response = client.describe_regions() for region in response['Regions']: region_name = region['RegionName'] print(f'Creating client for region {region_name}...') client = credentials.get_client('ec2', region_name=region_name) response = client.describe_instances() print(json.dumps(response['Reservations'], indent=2, default=str)) # control the session duration, e.g. 12 hours (default is 1 hour) credentials = roles[0].get_credentials(duration_seconds=60*60*12) multiple_credentials = aws_azuread_login.get_mutiple_credentials(roles, duration_seconds=60*60*12)
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
aws_azuread_login-1.2.tar.gz
(5.3 kB
view hashes)
Built Distribution
Close
Hashes for aws_azuread_login-1.2-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 6400f997bb8df8276da4985dd3836e3c4cf4df2bddde59e68a88828dede8a035 |
|
MD5 | be8894d63917497935b57305a99d079e |
|
BLAKE2-256 | e69f11f714dab96b43443a229a2c8d9733f0235ac6b1d68a1c5751a3bad77c6b |