CLI login to AWS using OpenID Connect

Project description

Log in to AWS using OpenID Connect

The aim of this project is to provide a general-purpose CLI OIDC login with a limited set of trusted dependencies.

Tested with Azure AD. Your mileage may vary with other providers; please let us know!

Setup (Azure AD example)

  • Create Azure AD App
    • Set public client reply url to http://localhost
    • Add an appRole (may be unnecessary)
    • Add user(s) to the role (to the app)
  • Create an AWS OIDC identity provider
    • Authority URL will be https://login.microsoftonline.com/<AAD tenant id>/oauth2/v2.0
    • Add your AAD app client id as audience
  • Create a web identity role with permissions you'd like
    • Edit trust relationship for the role to allow role assumption with tokens issued by AAD for your app
  • Add parameters under a suitable profile in ~/.aws/config:
    • Add your application id (client id) from AAD app
    • Add your AAD tenant id
    • oidc_authority_url=https://login.microsoftonline.com/<AAD tenant id>/oauth2/v2.0
    • oidc_client_id=<id of your AAD app>
    • oidc_role_arn=<ARN of the role you are assuming on AWS>
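
The trust relationship and profile keys from the steps above, worked through as an added example (not code from aws-oidc-login): it checks the three oidc_* keys of a profile and derives a role trust policy pinned to one provider and one audience. The sample config, ids, and the function names load_oidc_settings and trust_policy are constructed for illustration, and it assumes the IAM OIDC provider was registered with exactly the oidc_authority_url value.

```python
import configparser
import json
import re

# Constructed sample of ~/.aws/config; tenant, client and account ids are placeholders.
SAMPLE_CONFIG = """
[profile oidc-dev]
oidc_authority_url=https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/oauth2/v2.0
oidc_client_id=11111111-1111-1111-1111-111111111111
oidc_role_arn=arn:aws:iam::123456789012:role/oidc-dev-role
"""
REQUIRED = ("oidc_authority_url", "oidc_client_id", "oidc_role_arn")
ROLE_ARN = re.compile(r"^arn:aws:iam::(\d{12}):role/.+$")

def load_oidc_settings(config_text, profile):
    """Read the three oidc_* keys for a profile and reject missing or unsafe values."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(config_text)
    section = "default" if profile == "default" else "profile " + profile
    if not parser.has_section(section):
        raise ValueError("no such profile: " + profile)
    settings = {key: parser.get(section, key, fallback="").strip() for key in REQUIRED}
    missing = [key for key, value in settings.items() if not value]
    if missing:
        raise ValueError("missing keys: " + ", ".join(missing))
    if not settings["oidc_authority_url"].startswith("https://"):
        raise ValueError("oidc_authority_url must use https")
    if not ROLE_ARN.match(settings["oidc_role_arn"]):
        raise ValueError("oidc_role_arn is not an IAM role ARN")
    return settings

def trust_policy(settings):
    """Build the role trust relationship for tokens from one provider and one app."""
    account = ROLE_ARN.match(settings["oidc_role_arn"]).group(1)
    # IAM names the provider by its URL without the scheme (assumed registered as-is).
    provider = settings["oidc_authority_url"][len("https://"):].rstrip("/")
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"Federated": "arn:aws:iam::%s:oidc-provider/%s" % (account, provider)},
            "Action": "sts:AssumeRoleWithWebIdentity",
            # Without the aud condition, any app in the tenant could assume the role.
            "Condition": {"StringEquals": {provider + ":aud": settings["oidc_client_id"]}},
        }],
    }

if __name__ == "__main__":
    print(json.dumps(trust_policy(load_oidc_settings(SAMPLE_CONFIG, "oidc-dev")), indent=2))
```

AWS only accepts a token whose issuer matches the registered provider URL, so compare the printed Federated ARN with the provider shown in IAM before attaching the policy.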

Install aws-oidc-login

Clone this repo and run pip install aws-oidc-login inside it.

Run

The executable is called aol. Log in with default profile by simply running aol or specify a profile with aol [profile].

See aol -h for more options.

Download files

Source Distribution

aws-oidc-login-0.2.0.tar.gz (7.4 kB)

Uploaded Source

Built Distribution

aws_oidc_login-0.2.0-py2.py3-none-any.whl (11.6 kB)

Uploaded Python 2, Python 3

File details

Details for the file aws-oidc-login-0.2.0.tar.gz.

File metadata

  • Download URL: aws-oidc-login-0.2.0.tar.gz
  • Upload date:
  • Size: 7.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.15.0 pkginfo/1.5.0.1 requests/2.22.0 setuptools/39.0.1 requests-toolbelt/0.9.1 tqdm/4.36.0 CPython/3.7.0

File hashes

Hashes for aws-oidc-login-0.2.0.tar.gz
Algorithm Hash digest
SHA256 006a58d018c2e6967351e31b0d9d311fa99535ea50d8a4264ac1166b2591ef10
MD5 f46da971b0286dc15081d70a7c93f0ec
BLAKE2b-256 36866c1412eefdfe74d74a86549cda6cfc19f4dcf9d257b9e17babaabc5e6a5b

File details

Details for the file aws_oidc_login-0.2.0-py2.py3-none-any.whl.

File metadata

  • Download URL: aws_oidc_login-0.2.0-py2.py3-none-any.whl
  • Upload date:
  • Size: 11.6 kB
  • Tags: Python 2, Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/1.15.0 pkginfo/1.5.0.1 requests/2.22.0 setuptools/39.0.1 requests-toolbelt/0.9.1 tqdm/4.36.0 CPython/3.7.0

File hashes

Hashes for aws_oidc_login-0.2.0-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 5f63ed3a0fc0745749a78f8b92f3a09427e9a0444f672d4115a77dbf31f99680
MD5 802c04751c68fa8b53b2594c6538e5d9
BLAKE2b-256 d1b1e97f06843890f755a7ea581f02e1a274a50ece38603f05c7835e20481cf8
