awslogin

package module
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 3, 2021 License: MPL-2.0 Imports: 12 Imported by: 0

README

What's this

This command-line tool allows you to acquire AWS temporary (STS) credentials using Google Apps as a federated (Single Sign-On, or SSO) provider. This project was inspired from aws-google-auth and the help of playwright-go for the interactive Graphic User Interface (GUI)

Features

  • Interactive Authentication
  • Multi-Factor Authentication (Hardware & Software)
  • Caching SAML assertion document
  • Environment variable supported
  • Captcha input supported

Usage

aws-google-login --help
NAME:
   aws-google-login - Acquire temporary AWS credentials via Google SSO (SAML v2)

USAGE:
   aws-google-login [global options] command [command options] [arguments...]

COMMANDS:
   help, h  Shows a list of commands or help for one command

GLOBAL OPTIONS:
   --list-roles, -l            Listing AWS Role(s) were associated with (authenticated) user (default: false)
   --duration value, -d value  Session Duration which is used to assume to a role (default: 3600)
   --sp-id value, -s value     Google SSO SP identifier [$GOOGLE_SP_ID]
   --idp-id value, -i value    Google SP identifier [$GOOGLE_IDP_ID]
   --role-arn value, -r value  AWS Role Arn for assuming to
   --saml-file value           Path to file contains SAML Assertion (default: "~/.aws_google_login_cache.txt")
   --no-cache                  Force to re-authenticate (default: false)
   --get-saml-assertion        Getting SAML assertion XML (default: false)
   --export                    Print export line for working with aws cli (default: false)
   --help, -h                  show help (default: false)

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GetAttributeValuesFromAssertion 

func GetAttributeValuesFromAssertion(assertion, attributeName string) ([]string, error)

GetAttributeValuesFromAssertion parse SAML Assertion in form of XML document to return a list of attribute values from attribute name

func IsValidSamlAssertion 

func IsValidSamlAssertion(assertion string) bool

func NormalizePath 

func NormalizePath(path string) string

Types

type Amazon 

type Amazon struct {
	SamlAssertion   string
	SessionDuration int64
}

func NewAmazonConfig 

func NewAmazonConfig(samlAssertion string, sessionDuration int64) *Amazon

func (*Amazon) AssumeRole 

func (amz *Amazon) AssumeRole(roleArn, principalArn string) (*sts.Credentials, error)

AssumeRole is going to call sts.AssumeRoleWithSAMLInput to assume to a specific role

func (*Amazon) GetAssertion 

func (amz *Amazon) GetAssertion() string

func (*Amazon) GetRoleAttrName 

func (*Amazon) GetRoleAttrName() string

GetRoleAttrName return XML attribute name for Role property

func (*Amazon) GetRoleSessionNameAttrName 

func (*Amazon) GetRoleSessionNameAttrName() string

GetRoleSessionNameAttrName return XML attribute name for RoleSessionName property

func (*Amazon) GetSessionDurationAttrName 

func (*Amazon) GetSessionDurationAttrName() string

GetSessionDurationAttrName return XML attribute name for SessionDuration property

func (*Amazon) ParseRoles 

func (amz *Amazon) ParseRoles() ([]*Role, error)

type Google 

type Google struct {
	IdpID string
	SpID  string
}

func NewGoogleConfig 

func NewGoogleConfig(idpID, spID string) *Google

func (*Google) Login 

func (g *Google) Login() (string, error)

func (*Google) LoginURL 

func (g *Google) LoginURL() string

func (*Google) WaitURL 

func (g *Google) WaitURL() string

type Role 

type Role struct {
	RoleArn      string `json:"role_arn"`
	PrincipalArn string `json:"principal_arn"`
}

func (*Role) String 

func (r *Role) String() string

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.