README
¶
LastPass x AWS x SAML = Headache for awscli?
lp-aws-saml allows you to use the awscli on your machine when your login to the aws console is via LastPass SAML login only.
It even supports 2FA and Yubikey OTP for your LastPass login and will store your LastPass session in ~/.aws/lp_cookies
so you do not have to type the password every time you need new credentials.
$ lp-aws-saml -h
Get temporary AWS credentials when using LastPass as a SAML login for AWS
Usage:
lp-aws-saml [flags]
Flags:
-d, --duration int Duration (in seconds) for AWS credentials to be valid (default 3600)
-h, --help help for lp-aws-saml
-p, --profile_name string AWS profile to set in ~/.aws/credentials (default "default")
-q, --quiet Silence output unless error
-s, --saml_config_id string LastPass saml config ID
-u, --username string LastPass username
All flags can be specified in a configuration file ~/.aws/lp_config.toml
username = "email@example.com"
saml_config_id = "12345"
$ lp-aws-saml
Logging in with: email@example.com
Password:
OTP:
A new AWS CLI profile 'default' has been added.
You may now invoke the aws CLI tool as follows:
aws --profile default [...]
This token expires in 1 hours.
You now have a new or updated entry in ~/.aws/credentials
[default]
aws_access_key_id = {YOUR_ACCESS_KEY_ID}
aws_secret_access_key = {YOUR_SECRET_ACCESS_KEY}
aws_session_token = {YOUR_SESSION_TOKEN}
Documentation
¶
There is no documentation for this package.
Source Files
Directories
Click to show internal directories.
Click to hide internal directories.