aws-runas
awsu
aws-runas | awsu | |
---|---|---|
5 | 1 | |
86 | 172 | |
- | 0.0% | |
4.1 | 0.7 | |
14 days ago | about 1 year ago | |
Go | Go | |
MIT License | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
aws-runas
- How do you get CLI credentials for a federated role?
-
session manager vs plain old ssh
I use aws-runas, the 3.x versions have builtin support for using session manager with shell and port forwarding.
-
Forcing users to authenticate with MFA
I can't comment on your particular MFA policy issue, but you could consider adding aws-runas to your workflow. Although mostly written for assuming roles, I have used it with session tokens with much success. The logic to assume roles using MFA actually calls the get-session-token API under the covers so the session token credentials indicating MFA was used are leveraged to get the role credentials.
-
aws-runas - Make using IAM roles easier
Version 3.0 is available for download from Github: https://github.com/mmmorris1975/aws-runas/releases/latest
-
Problems using a profile with assumed role
Have you considered a tool like aws-runas? It makes these sort of interactions much easier, and in the coming major release it will support all of the different Assume Role mechanics (IAM, SAML, and Web Identity). It currently handles IAM and SAML.
awsu
What are some alternatives?
gimme-aws-creds - A CLI that utilizes Okta IdP via SAML to acquire temporary AWS credentials
goreleaser-action - GitHub Action for GoReleaser
saml2aws - CLI tool which enables you to login and retrieve AWS temporary credentials using a SAML IDP
homebrew-taps - Brew support for various kreuzwerker tools
aws-mfa - Manage AWS MFA Security Credentials
docker-gh-action-test - Running docker in GitHub Actions
zitadel - ZITADEL - The best of Auth0 and Keycloak combined. Built for the serverless era.
trackiam - A project to collate IAM actions, AWS APIs and managed policies from various public sources.
aws-vault - A vault for securely storing and accessing AWS credentials in development environments
aws-sdk-go - AWS SDK for the Go programming language.
casdoor - An open-source UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA and RADIUS [Moved to: https://github.com/casbin/casdoor]