aws-cct
aws-runas
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
aws-cct
-
Open Source Cost Reporting & Cloud Inventory tooling
https://github.com/rocketmiles/aws-cct is pretty cool for generating cost reports on the CLI.
aws-runas
- How do you get CLI credentials for a federated role?
-
session manager vs plain old ssh
I use aws-runas, the 3.x versions have builtin support for using session manager with shell and port forwarding.
-
Forcing users to authenticate with MFA
I can't comment on your particular MFA policy issue, but you could consider adding aws-runas to your workflow. Although mostly written for assuming roles, I have used it with session tokens with much success. The logic to assume roles using MFA actually calls the get-session-token API under the covers so the session token credentials indicating MFA was used are leveraged to get the role credentials.
-
aws-runas - Make using IAM roles easier
Version 3.0 is available for download from Github: https://github.com/mmmorris1975/aws-runas/releases/latest
-
Problems using a profile with assumed role
Have you considered a tool like aws-runas? It makes these sort of interactions much easier, and in the coming major release it will support all of the different Assume Role mechanics (IAM, SAML, and Web Identity). It currently handles IAM and SAML.
What are some alternatives?
terraformer - CLI tool to generate terraform files from existing infrastructure (reverse Terraform). Infrastructure to Code
gimme-aws-creds - A CLI that utilizes Okta IdP via SAML to acquire temporary AWS credentials
trackiam - A project to collate IAM actions, AWS APIs and managed policies from various public sources.
saml2aws - CLI tool which enables you to login and retrieve AWS temporary credentials using a SAML IDP
cloudcash - Check your cloud spending from the CLI, from Waybar, and from the macOS menu bar!
aws-mfa - Manage AWS MFA Security Credentials
zitadel - ZITADEL - The best of Auth0 and Keycloak combined. Built for the serverless era.
awsu - Enhanced account switching for AWS, supports Yubikey as MFA source
aws-vault - A vault for securely storing and accessing AWS credentials in development environments
aws-sdk-go - AWS SDK for the Go programming language.
casdoor - An open-source UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA and RADIUS [Moved to: https://github.com/casbin/casdoor]