Our great sponsors
-
saml2aws
CLI tool which enables you to login and retrieve AWS temporary credentials using a SAML IDP
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
I think https://github.com/theorlandog/mfa-aws will help. I only use it for MFA, but it also has assume-role functionality.
I will tell you that some tools like sceptre and terraform barf using a profile with mfa like this and I ended up using aws-mfa: https://github.com/broamski/aws-mfa and run this for example to create a "dynamic" runamok-power profile:
See: * https://github.com/hashicorp/terraform-provider-aws/issues/10491 * https://github.com/Sceptre/sceptre/issues/674
See: * https://github.com/hashicorp/terraform-provider-aws/issues/10491 * https://github.com/Sceptre/sceptre/issues/674
Bonus comment: After setting up your aws credentials, have a look at awsume, which makes rapid switches between accounts and roles a lot easier.. :)