AWS CLI SAML Integration

2
votes

I'm using OneLogin to federate user credentials in my organization. We already have the AWS console connected as an app, but we want do something similar with the AWS CLI. Would it be possible to use SAML 2.0 authentication to give federated users access to the AWS CLI? How?

I've looked through dozens of forums and loads of documentation, but nothing really matches what I'm trying to do. (Nearly all of it pertains to AD FS, which we don't use.)

2
amazon-web-servicessaml-2.0onelogin

2 Answers

1
votes

This is totally possible.

Someone just published a python example here: https://github.com/idralyuk/samlapi_onelogin/blob/master/samlapi_onelogin.py

And I know OneLogin is working on a Java example as well that should be done soon.

0
votes

I am working with these guys, to create a utility which can have a 10 hour session (9 more hours than AWS will let you have) for AWS credentials federated through OneLogin, as I am having the exact same problem.

https://github.com/physera/onelogin-aws-cli