Reputation: 433
API credentials as federated aws user?
my company provides me with a federated access to AWS. By that I mean, we're going to a website where we login with our SSO which then allows us to pull up the AWS console (i.e. through as custom federation broker as described here: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html) I can create instances (ec2) just fine through the UI. My question is, how can I get API credentials to use with aws cli? In the IAM dashboard I don't see an option to create a credential set for myself.
Is this even something I can get to, or do they (=my it people) need to change something in the setup?
Thanks a bunch!
ps. to clarify, this we're not going through onelogin
Upvotes: 0
Views: 401
Answers (1)
Reputation: 1780
You can create a program to do this leveraging your credentials, your SSO config, and boto3.
Alternatively, I use this google chrome plugin: https://github.com/prolane/samltoawsstskeys/blob/master/README.md
Atlassian also released a tool recently to help solve this problem, and there are some other ones out there if you do some searching.
Upvotes: 1
Related Questions
- Can AWS CLI be used with a federated login?
- How to allow federated users to access k8s cluster
- Get AWS credentials for CLI from federated role
- Is AWS Federated Identities necessary if the only AWS resource a user interacts with is API Gateway?
- AWS Federated User Mapping
- Single Sign on in AWS API Gateway
- AWS Federated User - multiple aws accounts?
- How to get AWS STS using Federated User?
- APIG + federated identities - fine grained access control?
- AWS federated login name