Skip to main content
Join the official 2019 Python Developers SurveyStart the survey!

SAML federated API access for AWS

Project description

As part of AWS Governance to enhance the security with the accounts and IAM users, Federated API access is recommended for AWS resources instead of hard-coded IAM AcessID and SecretKeys in the config file.

# Steps: - Install the python package based on the OS using below command:

For Linux environment, pip install awssamllinux For Windows environment, pip install awssamlwindows
  • Create a ‘configure’ file under ~/.aws directory without providing the values for access and secret keys

    [default] output = json region = us-east-1 aws_access_key_id = aws_secret_access_key =

  • Based on the Python version and installation, the script might throw errors due to missing modules on your system like below -

    requests html5lib configparser

  • Install the required modules:

    On Linux, pip install <module>

    Eg: pip install requests

    On Windows, easy_install <module>

    Eg: easy_install requests

  • Whenever you need SAML access to your AWS services, just the command:

    aws-saml.py

  • This does the following:

    • Prompts the user for AD username/password and does SAML auth with our ADFS
      NOTE: Username has to be in the format rpega<networkID> Eg: rpegamn001
    • Based on SAML response, prompts the user to choose the roles available on AWS for that user
    • Then, stores the temporarily created credentials (using Amazon STS service) for the user in the .aws/credentials file along with STS token
    • Use API calls to work on AWS resources
    • Sample API call used in the script is for listing the S3 buckets, which is in Boto2.x format

Project details


Release history Release notifications

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for awssamlwindows, version 0.0.1
Filename, size File type Python version Upload date Hashes
Filename, size awssamlwindows-0.0.1.zip (5.5 kB) File type Source Python version None Upload date Hashes View hashes

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN SignalFx SignalFx Supporter DigiCert DigiCert EV certificate StatusPage StatusPage Status page