terraforming
saml2aws
Our great sponsors
terraforming | saml2aws | |
---|---|---|
9 | 12 | |
4,298 | 2,003 | |
- | 1.4% | |
1.6 | 9.2 | |
over 2 years ago | 7 days ago | |
Ruby | Go | |
MIT License | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
terraforming
- Importing multiple modules at once from AWS
-
Tools like terraformer
Terraforming
- Copy Azure resources via terraform
- Existing AWS resource to HCL?
-
Where to start with a mess?
I would also strongly recommend an iterative triage process: don't feel that you need to solve everything all once. It's a huge amount of progress if you can get to a stage where you understand the relationships between services, have enough monitoring to identify failures, and can iteratively move services to more granular IAM policies even if it's all still running in one big account. Simply using a tool like terraformer or terraforming to move the manual configuration into an IaC workflow is an accomplishment, especially since it helps you both make changes more confidently and identify where new changes are still being made. Depending on the politics, that last part might be important: you'll be unpopular if you take away everyone's rights but you'll probably have better luck first nudging people to make them using a sensible flow rather than by hand.
-
Just starting out with terraform. Doubts wrt existing infra.
Haven't tried this but if I ever find myself in your situation I'll give it a spin https://github.com/dtan4/terraforming
-
Continuous Infrastructure Deployment with Terraform Cloud
There are a couple of tools to automate creating terraform configuration and prepopulate state from existing resources, like terraforming, terraformer or cf-terraforming. But it is still cumbersome and laborious and in my experience, it's usually way easier to just recreate everything within terraform from scratch wherever that's possible.
- Current infrastructure as code
-
DevOps tools you should have on your belt
🧪 Terraforming export existing AWS resources to Terraform style (tf, tfstate).
saml2aws
- CLI tool to login and retrieve AWS temporary credentials using a SAML IDP
- Script or software that automatically populate specific profile in ~/.aws/credentials
-
Completions plugin `saml2aws`
related: message on saml2aws repo
-
Securing the AWS CLI
If you have an external identity provider, you can add a SAML provider in IAM and use saml2aws locally. The session duration can be configured on the role.
-
don't want to store access key and secret key in plain text in the .aws/credentials file or variables
Or if you have an existing IdP you can use https://github.com/Versent/saml2aws and https://github.com/makethunder/awsudo. By setting up a central account that you put in your trust policy which users can assume roles.
- Script for cli commands with MFA and multiple accounts
-
Show HN: Authenticate into AWS right from your terminal window
In my company everything goes through Active Directory and we use saml2aws [1] to generate credentials with two factor involved. It works quite well for us. We even use this for our artists to create local builds of our games since we keep all important secrets and such in aws secrets mananger. We scope access to said secrets with custom roles and tags.
[1] https://github.com/Versent/saml2aws
- How do you get CLI credentials for a federated role?
-
Getting CLI credentials for an AWS account that is not under your AWS SSO organization
Technically I guess it should be possible with something like saml2aws, but it doesn't support AWS as an IdP yet.
-
saml2aws-multi: a simple tool providing an easy-to-use command line interface for saml2aws
saml2aws-multi is a simple tool I created for using saml2aws more effectively on day-to-day tasks. saml2aws-multi provides an easy-to-use command line interface to support login and retrieve AWS temporary credentials for multiple roles of different accounts with saml2aws.
What are some alternatives?
terraformer - CLI tool to generate terraform files from existing infrastructure (reverse Terraform). Infrastructure to Code
gimme-aws-creds - A CLI that utilizes Okta IdP via SAML to acquire temporary AWS credentials
copilot-cli - The AWS Copilot CLI is a tool for developers to build, release and operate production ready containerized applications on AWS App Runner or Amazon ECS on AWS Fargate.
awsume - A utility for easily assuming AWS IAM roles from the command line.
former2 - Generate CloudFormation / Terraform / Troposphere templates from your existing AWS resources.
aws-toolkit-vscode - Amazon Q, CodeWhisperer, CodeCatalyst, Local Lambda debug, SAM/CFN syntax, ECS Terminal, AWS resources
cf-terraforming - A command line utility to facilitate terraforming your existing Cloudflare resources.
aws-extend-switch-roles - Extend your AWS IAM switching roles by Chrome extension, Firefox add-on, or Edge add-on
aws-runas - aws-runas rewritten in Go
terratag - Terratag is a CLI tool that enables users of Terraform to automatically create and maintain tags across their entire set of AWS, Azure, and GCP resources
leapp - Leapp is the DevTool to access your cloud