Skip to main content
Help us improve Python packaging – donate today!

An aws-adfs spinoff that fits BYU's needs

Project Description

Python script for CLI and SDK access to AWS via ADFS while requiring MFA access using https://duo.com/

History and Purpose

BYU used to use the great aws-adfs CLI tool to login to our AWS accounts. It worked great, especially the DUO 2FA support. Eventually, we decided to write our own similar tool but make it BYU-specific so that we could taylor it to our needs (which basically means hard-code certain BYU-specific things) and remove some of the required parameters. Since this tool will be used by BYU employees only we had that option. We then morphed it a little more for our use cases. This isn’t something that you could use outside of BYU, sorry.

Installation

Usage

awslogin defaults to the default profile in your ~/.aws/config and ~/.aws/credentials files. *If you already have a default profile you want to save in your ~/.aws files make sure to do that before running awslogin.*

Once you’re logged in, you can execute commands using the AWS CLI or AWS SDK. Try running aws s3 ls.

Currently, awslogin tokens are only valid for 1 hour due to the assume_role_with_saml AWS API call has a max timeout of 1 hour.

To use it:

  • Run awslogin and it will prompt you for the AWS account and role to use.
  • Run awslogin --account <account name> --role <role name> to skip the prompting for account and name. You could specify just one of the arguments as well.
  • Run awslogin --profile <profile name> to specifiy an alternative profile
  • Run awslogin -- --help for full help message

Reporting bugs or requesting features

  • Enter an issue on the github repo.
  • Or, even better if you can, fix the issue and make a pull request.

Deploying changes

  • Update the version in the VERSION file.
  • Commit the change and push. Handel-codepipeline will run the automated tests and if they pass it will build and upload a new version to pypi.

TODO

  • gracefully handle the error case when the duo push is rejected
  • Add support for profiles (@dsw88 is this already done?)
  • Authenticate once for 8 hours and rerun awslogin to relogin
  • Write tests - roles.py - assume_role.py

Release history Release notifications

History Node

0.13.5

History Node

0.13.4

History Node

0.13.3

History Node

0.13.2

History Node

0.13.1

History Node

0.13.0

History Node

0.12.9

History Node

0.12.8

History Node

0.12.7

History Node

0.12.6

History Node

0.12.5

History Node

0.12.4

History Node

0.12.3

History Node

0.12.2

History Node

0.12.1

History Node

0.12.0

History Node

0.11.3

History Node

0.11.2

History Node

0.11.1

History Node

0.11.0

History Node

0.10.8

This version
History Node

0.10.7

History Node

0.10.6

History Node

0.10.5

History Node

0.10.4

History Node

0.10.3

History Node

0.10.2

History Node

0.10.1

History Node

0.9.17

History Node

0.9.16

History Node

0.9.15

History Node

0.9.14

History Node

0.9.13

History Node

0.9.12

History Node

0.9.11

History Node

0.9.10

History Node

0.9.9

History Node

0.9.8

History Node

0.9.7

History Node

0.9.6

History Node

0.9.4

History Node

0.9.3

History Node

0.9.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, size & hash SHA256 hash help File type Python version Upload date
byu_awslogin-0.10.7-py3-none-any.whl (16.2 kB) Copy SHA256 hash SHA256 Wheel py3 Jul 17, 2017
byu_awslogin-0.10.7.tar.gz (10.7 kB) Copy SHA256 hash SHA256 Source None Jul 17, 2017

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging CloudAMQP CloudAMQP RabbitMQ AWS AWS Cloud computing Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page