Currently we are planning to use AWS CLI for variety of use cases. As an I&AM Architect I would like to use our existing Active Directory credentials, rather than creating new IAM users and keys.
We have ADFS as well, and based on the examples given for ADFS integration for AWS CLI, I was able to create PowerShell, Python and Java sample scripts to use AD credentials and use AWS STS to create temporary credentials. It works fine. However, I am facing challenges to make our development teams understand, the benefits of using SAML based authentication rather than permanent keys in AWS CLI.
Fellow architects and developers, I would like to hear from you, how you have implemented AWS CLI authentication in your organization.