Generates AWS credentials for roles using STS
Project description
Generates AWS credentials for roles using STS and writes them to `~/.aws/credentials`
Usage
Simply pipe a SAML assertion into awssaml
# create credentials from saml assertion
$ oktaauth -u jobloggs | aws_role_credentials saml –profile dev
Or for assuming a role using an IAM user:
# create credentials from an iam user
$ aws_role_credentials user arn:aws:iam::111111:role/dev jobloggs-session –profile dev
For roles that require MFA:
# create credentials from an iam user with mfa
$ aws_role_credentials user arn:aws:iam::111111:role/dev jobloggs-session –profile dev –mfa-serial-number arn:aws:iam::111111:mfa/Jo –mfa-token 102345
Options
- --profile
Use a specific profile in your credential file (e.g. Development). Defaults to sts.
- --region
The region to use. Overrides config/env settings. Defaults to us-east-1.
Thanks
Thanks to Quint Van Deman of AWS for demonstrating how to do this. https://blogs.aws.amazon.com/security/post/Tx1LDN0UBGJJ26Q/How-to-Implement-Federated-API-and-CLI-Access-Using-SAML-2-0-and-AD-FS
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distributions
Hashes for aws_role_credentials-0.3.0.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | aaf799290b2425b9639193d26d0b9cd56a410e8156d9431d33fc6672f449b1b4 |
|
MD5 | 8db76a5c54107e0f3d51db89802cacb0 |
|
BLAKE2b-256 | 1ba1d353816bd85872fe8d30561b65be89ef2f44e8bfc1de2e0ec67af5869c15 |
Hashes for aws_role_credentials-0.3.0.linux-x86_64.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | 3f4a16930a7df817e8882af593788c83e00d617d481bcafd3589c98707f9e6d9 |
|
MD5 | e1c5ed42f250191ef803afa7dbc960e4 |
|
BLAKE2b-256 | cb247c7bed27d10ebdf4b46901d929240ce869cc646b3a00a0adeb4b5571e0eb |
Hashes for aws_role_credentials-0.3.0-py2.py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 7f7d06046a1830ef706006a0af59bc26631ad1601ed4676f782ca867f391907d |
|
MD5 | c1752ef60a2e49951f838ab463b9a04a |
|
BLAKE2b-256 | 27b5181acf9c3f3d12775153c46c7bd1ab30656328458da1caaaf980e1aadc9b |
Hashes for aws_role_credentials-0.3.0-py2.6.egg
Algorithm | Hash digest | |
---|---|---|
SHA256 | a70560efc1a7bce1e569c6e412855db428b0b4004d0625666c163f42de38d5c0 |
|
MD5 | 66e8c312917362aedaf6bdbc7f9ae4fb |
|
BLAKE2b-256 | 01550373d4af178e837e3aafd380d082ef49cd9509dbe4ef19690409bc6c1732 |