rh-aws-saml-login

Release 0.3.3

A CLI tool that allows you to log in and retrieve AWS temporary credentials using Red Hat SAML IDP

Homepage PyPI Python

License
MIT
Install
pip install rh-aws-saml-login==0.3.3

Documentation

rh-aws-saml-login

Ruff PyPI PyPI platforms PyPI - License

A CLI tool that allows you to log in and retrieve AWS temporary credentials using Red Hat SAML IDP.

demo

Pre-requisites

  • Python 3.11 or later
  • Connected to Red Hat VPN
  • A Red Hat managed computer (Kerberos must be installed and configured) and you are logged in with your Red Hat account

How it works

The rh-aws-saml-login CLI is a tool that simplifies the process of logging into an AWS account via Red Hat SSO. It retrieves a SAML token from the Red Hat SSO server, then fetches and parses the AWS SSO login page to present you with a list of all available accounts and their respective roles. You can then choose your desired account and role, and rh-aws-saml-login uses the SAML token to generate temporary AWS role credentials. Finally, it spawns a new shell with the necessary AWS_ environment variables already set up, so you can immediately use the aws CLI without any further configuration.

Installation

On CSB Fedora, you need to install the Kerberos development package:

sudo dnf install krb5-devel

You can install this library from PyPI with pip:

python3 -m pip install rh-aws-saml-login

or install it with pipx:

pipx install rh-aws-saml-login

You can also use pipx to run the library without installing it:

pipx run rh-aws-saml-login

Usage

rh-aws-saml-login

This spawns a new shell with the following environment variables are set:

  • AWS_ACCOUNT_NAME: The name/alias of the AWS account
  • AWS_ROLE_NAME: The name of the role
  • AWS_ROLE_ARN: The ARN of the role
  • AWS_ACCESS_KEY_ID: The access key used by the AWS CLI
  • AWS_SECRET_ACCESS_KEY: The secret access key used by the AWS CLI
  • AWS_SESSION_TOKEN: The session token used by the AWS CLI
  • AWS_REGION: The default region used by the AWS CLI

Features

rh-aws-saml-login currently provides the following features (get help with -h or --help):

  • No configuration needed

  • Uses Kerberos authentication

  • Open the AWS web console for an account with the --console option

  • Shell auto-completion (bash, zsh, and fish) including AWS account names

  • Integrates nicely with the starship

     [env_var.AWS_ACCOUNT_NAME]
 format = "$symbol$style [$env_value]($style) "
 style = "cyan"
 symbol = "🚀"

Development

Ruff Checked with mypy

  • Update CHANGELOG.md with the new version number and date
  • Bump the version number in pyproject.toml

Stats

Dependencies
8
Dependent packages
0
Dependent repositories
0
Total releases
7
Latest release
First release
Stars
2
Forks
4
Watchers
11
Contributors
1
Repository size
1.52 MB
SourceRank
6

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

0.3.3
0.3.2
0.3.1
0.3.0
0.2.0
0.1.1
0.1.0

Contributors

Christian Assing


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2024-06-11 08:20:12 UTC

Login to resync this project