Magic credentials on the AWS CLI home using AWS SSO login
Project description
aws-sso-magic tool cli
This tool update the aws credentials file for the default profile from the aws sso login.
This solution mixed the following repositories:
- aws-sso-util AWS SSO has some rough edges, and aws-sso-util is here to smooth them out, hopefully temporarily until AWS makes it better.
- aws-sso-credentials A simple Python tool to simplify getting short-term credential tokens for CLI/Boto3 operations when using AWS SSO.
Content of the repository
- src - The main folder with the aws_sso_magic folder with the .py files & the requirements.txt.
- docker-build.sh - A docker build tool (Linux/MacOS) to build the docker image locally.
sudo ./docker-build.sh
- pyproject.toml - The metadata file with the dependencies and application information.
- Dockerfile - The docker file with the instructions to build the aws-sso-magic cli.
- eks-login - A script tool to add on the /usr/local/bin (Only for linux/macOS or Windows WSL).
eks-login develop-readonly
Installation
Using pyp installer
- Prerequisites
- Python 3.9 installed.
- AWS CLI v2 installed, please click on the link depending of your OS.
- Installation
-
Follow the pyp aw-sso-magic project instructions to install it.
Note: If you want upgrade it, please run this
pip install aws-sso-magic --upgrade
Using Docker
- Please follow the instructions from the docker hub repository of aws_sso_magic
Configuration Instructions
These steps will create the config files on the paths $HOME/.aws and $HOME/.aws-sso-magic.
- Execute the following command to configure the sso tool:
aws-sso-magic configure
- Type the following information:
- SSO start URL
- SSO Region
- Select the default profile of SSO
- CLI default client Region
- CLI default output format
- CLI profile name. Eg: default
- Enter only the name of the proxy role to use by default. Eg: MyAdminRole or just press Enter (This option will mandatory for the --eks flag)
- Optional: In case that you want to set an account alias, you can modify the file on $HOME/.aws-sso-magic/config adding the [AliasAccounts] section with key (account name) and value (alias account) Eg:
making the above configuration, it will now show the aliases in the profile selection menu when aws-sso-magic login command is executed.[AliasAccounts] test1 = dev test2 = qa test3 = staging test4 = prod
[?] Please select an AWS config profile: aws-sso default dev-admin > qa-admin staging-admin prod-admin
How to use it
- Execute the following command to select and log into the aws accounts:
aws-sso-magic login
- Execute the following command to log:
aws-sso-magic login
and select the profile to use oraws-sso-login login --profile myprofile
if you already know the profile name.
How to use it for eks support
- Prerequisites
- kubectl installed.
aws-sso-magic login
oraws-sso-login login --profile myprofile
executed previouly.
- Instructions
-
Go to the file $HOME/.aws-sso-magic/config and replace the string "replacethis" on the section default-proxy-role-name if you want to use that role name for all profiles.
[default-proxy-role-name] proxy_role_name = replacethis
or just add the profile section in the file. Eg:
[myprofile] proxy_role_name = myrolename
-
Execute the following command to select and log the eks cluster:
aws-sso-magic login --eks
or if you have configured an aws account as trusted entity having granted to assume roles on the rest of the accounts from there, please executeaws-sso-magic login
selecting profile (account and role configured as trusted identity) and then executeaws-sso-magic login --eks --eks-profile env-eks-profile
. Eg:aws-sso-magic login --profile main-admin aws-sso-magic login --eks --eks-profile qa-admin
-
Please select the EKS cluster or send the cluster name using the flag --cluster. Eg:
aws-sso-magic login --eks --cluster myekscluster
-
Copy and paste the commands according to your OS.
NOTE: If you will select another profile, please first unset the AWS_PROFILE environment variable or close this terminal and open a new one
Links
- pypi.org
- Docker Hub
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for aws_sso_magic-1.0.27-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | b02f0b109805542f73ad0bc3d6e56ddf4d37b32ce6f1fc5b794634763048170c |
|
MD5 | 15d89d624785bda915a3195b21a3a012 |
|
BLAKE2b-256 | 7b7f252c8e2d04f9f220c75af090c4712ef18a9d3ab247337e7c138765ccf7dc |