cloudtoken 2.1.7

AWS Token Vending assuming roles

Cloudtoken

Cloudtoken is a command line utility for Unix environments for facilitating the steps required to authenticate with a public cloud provider such as Amazon Web Services and retrieve access credentials that can then be used by applications running in your local environment.

Why is this needed

Acme company has decided to institute best practices for access to AWS to ensure the security of their infrastructure. In order to do this they have decided that all employees must now assume a Federated IAM Role when accessing AWS and authentication must be provided by their in-house ADFS server which will use SAML to federate the authentication to AWS.

Through the use of different plugins Cloudtoken can facilitate the different steps required the accomplish the above goals.

Cloudtoken can:

• Authenticate with ADFS.
• Handle the SAML exchange with AWS.
• Assume a Federated IAM Role and obtain ephemeral access keys.
• Make the obtained access keys available to applications running in the local environment.

Contributors

Pull requests, issues and comments welcome. For pull requests:

• Add tests for new features and bug fixes.
• Follow the existing style.
• Separate unrelated changes into multiple pull requests.

See the existing issues for things to start contributing.

For bigger changes, make sure you start a discussion first by creating an issue and explaining the intended change.

Atlassian requires contributors to sign a Contributor License Agreement, known as a CLA. This serves as a record stating that the contributor is entitled to contribute the code/documentation/translation to the project and is willing to have it used in distributions and derivative works (or is willing to transfer ownership).

Prior to accepting your contributions we ask that you please follow the appropriate link below to digitally sign the CLA. The Corporate CLA is for those who are contributing as a member of an organization and the individual CLA is for those contributing as an individual.

• CLA for corporate contributors
• CLA for individuals

License

Copyright (c) 2016 Atlassian and others. Apache 2.0 licensed, see LICENSE.txt file.

Copyright @ 2016 Atlassian Pty Ltd

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.