CLI tool to authenticate AWS IAM users with password + MFA via Console sign-in (no access keys needed)
Project description
awsuser
Python CLI for AWS IAM user authentication with password + MFA. Automates the AWS Console sign-in flow using a headless browser to obtain temporary credentials — no pre-existing access keys needed.
Installation
pip install awsuser
playwright install chromium
Or from source:
pip install -e ".[test]"
playwright install chromium
Note: On macOS and Windows,
awsuseruses your installed Google Chrome by default. You only needplaywright install chromiumif Chrome isn't installed or you want to use the bundled Chromium.
Usage
# Basic usage (prompts for password and MFA code)
awsuser -a 123456789012 -u alice
# Save password to system keyring for next time
awsuser -a 123456789012 -u alice --save
# Output as environment variables
source <(awsuser -a 123456789012 -u alice --output env)
# Custom profile name
awsuser -a 123456789012 -u alice -p myprofile
# With specific region
awsuser -a 123456789012 -u alice --region us-west-2
# Use a specific browser
awsuser -a 123456789012 -u alice --browser firefox
# Debug mode (verbose logging)
awsuser -a 123456789012 -u alice --debug
How It Works
- Prompts for your IAM user password (or reads from keyring/
USER_PASSWORDenv var) - Prompts for your 6-digit MFA TOTP code
- Opens a headless browser (Google Chrome on macOS/Windows, Chromium on Linux)
- Automates the AWS Console sign-in flow (account + username + password + MFA)
- Opens CloudShell and runs
aws configure export-credentials - Extracts temporary credentials and writes them to
~/.aws/credentials
Running Tests
./run_tests.sh
Or manually:
python3 -m pytest tests/ --cov=awsuser --cov-report=term-missing --cov-fail-under=80 -v
Documentation
License
MIT
Disclaimer
This tool automates the AWS Console sign-in flow using browser automation. It relies on the Console's UI structure which AWS may change without notice. If the tool stops working after an AWS Console update, please open an issue.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file awsuser-0.1.0-py3-none-any.whl.
File metadata
- Download URL: awsuser-0.1.0-py3-none-any.whl
- Upload date:
- Size: 9.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.14.4
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
cb33dc6319ffb5bc9f829c5ecad38d506f294a078554d00feb5cc391e2d559af
|
|
| MD5 |
64d16da9840d4686bc106af3176fed37
|
|
| BLAKE2b-256 |
2482291f1649f0803974e614b10e557590faeb080fa21e7c3d16a0b95b3dd0ac
|
