AWS SAML Auth Python Script
This will connect to an ADFS IDP to generate a SAML credential for AWS CLI usage.
This script will connect to an ADFS Identity Provider and will allow you to select which role you want to assume using SAML. It will list all accounts and roles that you have access to through your identity provider. For more information on how this was built, see my blog and the AWS Security Blog.
Run a command line/shell as administrator that has pip in the path.
pip install boto3 bs4 awscli requests configparser lxml plac
Download the script and invoke by running
Advanced Usage To Convert to Friendly Names
Create a file that contains a comma separated list with 'AWS Account ID','Name You Remember' (e.g., '012345678901','Prod')
py aws_saml_auth.py -f account_ids.txt
N/A for now.
- Initial GitHub relase. Works with several parameters.
- Added function to ingest an id file and convert the mapping into friendly names.
- Added session duration to the SAML token request to be able to take advantage of longer maximum session durations.
- Demoing git
- Fork it (https://github.com/tjsullivan1/aws_saml_auth/fork)
- Create your feature branch (
git checkout -b feature/fooBar)
- Commit your changes (
git commit -am 'Add some fooBar')
- Push to the branch (
git push origin feature/fooBar)
- Create a new Pull Request