AWS SAML Auth Python Script

This will connect to an ADFS IDP to generate a SAML credential for AWS CLI usage.

This script will connect to an ADFS Identity Provider and will allow you to select which role you want to assume using SAML. It will list all accounts and roles that you have access to through your identity provider. For more information on how this was built, see my blog and the AWS Security Blog.

Installation

Run a command line/shell as administrator that has pip in the path.

pip install boto3 bs4 awscli requests configparser lxml plac

Download the script and invoke by running py aws_saml_auth.py.

Usage example

Base Usage

Run py aws_saml_auth.py.

Advanced Usage To Convert to Friendly Names

Create a file that contains a comma-separated list with 'AWS Account ID','Name You Remember' (e.g., '012345678901','Prod').

Run py aws_saml_auth.py -f account_ids.txt.
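The following is an added example, not code from aws_saml_auth.py: it shows how the account/role list can be read out of the SAML assertion's AWS Role attribute and labelled with friendly names from an ID file. The sample assertion, account IDs, role names, function names and the one-pair-per-line file layout are constructed assumptions.

```python
import base64
import csv
import io
import xml.etree.ElementTree as ET

SAML_NS = "{urn:oasis:names:tc:SAML:2.0:assertion}"
ROLE_ATTR = "https://aws.amazon.com/SAML/Attributes/Role"

# Constructed sample data (not from a real IdP or account).
SAMPLE_XML = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
 xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
<saml:Assertion><saml:AttributeStatement><saml:Attribute Name="https://aws.amazon.com/SAML/Attributes/Role">
<saml:AttributeValue>arn:aws:iam::012345678901:saml-provider/ADFS,arn:aws:iam::012345678901:role/ADFS-Admin</saml:AttributeValue>
<saml:AttributeValue>arn:aws:iam::210987654321:role/ADFS-ReadOnly,arn:aws:iam::210987654321:saml-provider/ADFS</saml:AttributeValue>
</saml:Attribute></saml:AttributeStatement></saml:Assertion></samlp:Response>"""
SAMPLE_ASSERTION = base64.b64encode(SAMPLE_XML.encode())
SAMPLE_IDS = "'012345678901','Prod'\n'210987654321', 'Dev'\n"

def load_friendly_names(text):
    """Parse lines like '012345678901','Prod' into {account_id: name}."""
    rows = csv.reader(io.StringIO(text), quotechar="'", skipinitialspace=True)
    return {r[0].strip(): r[1].strip() for r in rows if len(r) >= 2}

def roles_from_assertion(b64_assertion):
    """Return sorted (account_id, role_name, role_arn, principal_arn) tuples."""
    root = ET.fromstring(base64.b64decode(b64_assertion))
    found = []
    for attr in root.iter(SAML_NS + "Attribute"):
        if attr.get("Name") != ROLE_ATTR:
            continue
        for value in attr.iter(SAML_NS + "AttributeValue"):
            parts = [p.strip() for p in (value.text or "").split(",")]
            # IdPs emit the two ARNs in either order; tell them apart by type.
            role = next((p for p in parts if ":role/" in p), None)
            idp = next((p for p in parts if ":saml-provider/" in p), None)
            if len(parts) != 2 or not role or not idp or role.count(":") != 5:
                continue  # skip malformed values instead of guessing
            account_id = role.split(":")[4]
            found.append((account_id, role.split("/", 1)[1], role, idp))
    return sorted(found)

def menu(roles, names):
    """Numbered menu lines; unmapped accounts fall back to the raw ID."""
    return [f"[{i}] {names.get(acct, acct)} / {name}"
            for i, (acct, name, _, _) in enumerate(roles)]

if __name__ == "__main__":
    roles = roles_from_assertion(SAMPLE_ASSERTION)
    print("\n".join(menu(roles, load_friendly_names(SAMPLE_IDS))))
```

The role ARN and principal ARN of the selected entry, together with the base64 assertion and a DurationSeconds value, are the inputs to the STS AssumeRoleWithSAML call.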

Development setup

N/A for now.

Release History

  • 1.0.0
    • Initial GitHub release. Works with several parameters.
  • 1.1.0
    • Added function to ingest an id file and convert the mapping into friendly names.
  • 1.2.0
    • Added session duration to the SAML token request to be able to take advantage of longer maximum session durations.
  • 1.2.1
    • Demoing git

Meta

Tim Sullivan – @SullivanTim – timothyj.sullivan1@gmail.com

https://github.com/tjsullivan1/aws_saml_auth

Contributing

  1. Fork it (https://github.com/tjsullivan1/aws_saml_auth/fork)
  2. Create your feature branch (git checkout -b feature/fooBar)
  3. Commit your changes (git commit -am 'Add some fooBar')
  4. Push to the branch (git push origin feature/fooBar)
  5. Create a new Pull Request