Assume an AWS Role and cache credentials using Onelogin
This package provides a script to login to Onelogin and use a SAML connection to AWS to assume a role. More details on setting up SAML for AWS can be found at Onelogin.
To install, use pip
pip install onelogin-aws-cli
To configure the script, simply run the configuration:
onelogin-aws-login -c
Once installed and configured, just run onelogin-aws-login and you'll be asked for your credentials and to choose which role you want to assume.
$ onelogin-aws-login
Onelogin Username: [email protected]
Onelogin Password:
OTP Token: 579114
Please choose the role you would like to assume:
[ 0 ]: arn:aws:iam::166878887401:role/onelogin-test-ec2
[ 1 ]: arn:aws:iam::166878887401:role/onelogin-test-s3
[ 2 ]: arn:aws:iam::772123451421:role/onelogin-test-s3
Selection:
2
Credentials cached in '/Users/myuser/.aws/credentials'
Use aws cli with --profile 772123451421:role/onelogin-test-s3/[email protected]
Note that onelogin-aws-cli
requires python 3.