Provides AWS STS credentials based on Google Apps SAML SSO auth with interactive GUI support

Overview

What's this

This command-line tool allows you to acquire AWS temporary (STS) credentials using Google Apps as a federated (Single Sign-On, or SSO) provider. This project was inspired from aws-google-auth and the help of playwright-go for the interactive Graphic User Interface (GUI)

authenticate

Features

  • Interactive Authentication
  • Multi-Factor Authentication (Hardware & Software)
  • Caching SAML assertion document
  • Environment variable supported
  • Captcha input supported

Usage

aws-google-login --help
NAME:
   aws-google-login - Acquire temporary AWS credentials via Google SSO (SAML v2)

USAGE:
   aws-google-login [global options] command [command options] [arguments...]

COMMANDS:
   help, h  Shows a list of commands or help for one command

GLOBAL OPTIONS:
   --list-roles, -l            Listing AWS Role(s) were associated with (authenticated) user (default: false)
   --duration value, -d value  Session Duration which is used to assume to a role (default: 3600)
   --sp-id value, -s value     Google SSO SP identifier [$GOOGLE_SP_ID]
   --idp-id value, -i value    Google SP identifier [$GOOGLE_IDP_ID]
   --role-arn value, -r value  AWS Role Arn for assuming to
   --saml-file value           Path to file contains SAML Assertion (default: "~/.aws_google_login_cache.txt")
   --no-cache                  Force to re-authenticate (default: false)
   --get-saml-assertion        Getting SAML assertion XML (default: false)
   --export                    Print export line for working with aws cli (default: false)
   --help, -h                  show help (default: false)
You might also like...
Home-sso-service - Single-Sign On service with golang

home-sso-service This is Single-Sign On service Dependencies go version go1.15.6

A distribute SSO system

single-sign-on-system 一:SSO单点登录系统开发总结 (一):整体架构分析 基于go-oauth2/oauth2库实现的前端分离SSO单点登录系统 (二):系统技术点分析 当前系统的业务技术栈如下 Vue3 、ElementUI 作为前端页面 Nginx 用于解决系统之间的跨域

Ginx - Evilginx2 - A man-in-the-middle attack framework used for phishing login credentials along with session cookies
Ginx - Evilginx2 - A man-in-the-middle attack framework used for phishing login credentials along with session cookies

evilginx2 is a man-in-the-middle attack framework used for phishing login creden

Go based HTTP server with 2FA based on OTP (One-Time Password) manager like Google Authenticator

Go based HTTP server with 2FA based on OTP (One-Time Password) manager like Goog

Go session management for web servers (including support for Google App Engine - GAE).

Session The Go standard library includes a nice http server, but unfortunately it lacks a very basic and important feature: HTTP session management. T

A reverse proxy that provides authentication with Google, Github or other providers.
A reverse proxy that provides authentication with Google, Github or other providers.

A reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others) to validate accounts by email, domain or group.

A reverse proxy that provides authentication with Google, Github or other providers.
A reverse proxy that provides authentication with Google, Github or other providers.

A reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others) to validate accounts by email, domain

The boss of http auth.
The boss of http auth.

Authboss Authboss is a modular authentication system for the web. It has several modules that represent authentication and authorization features that

Validate Django auth session in Golang

GoDjangoSession Valid for django 3.0.5 Usage: package main import ( "encoding/base64" "fmt" "session/auth" "github.com/Kuzyashin/GoDjangoSession"

Owner
Quan Hoang
Quan Hoang
Authentication Plugin for implementing Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0, SAML Authentication

Authentication Plugin for implementing Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0, SAML Authentication

Paul Greenberg 643 Nov 27, 2022
Makes dealing with AWS SSO Logins an ease

go-aws-sso Make working with AWS SSO on local machines an ease. What is it about? Choose and retrieve short-living role credentials from all of your S

Tim Heurich 51 Dec 1, 2022
vault-plugin-auth-usertotp is an auth method plugin for HashiCorp Vault

vault-plugin-auth-usertotp is an auth method plugin for HashiCorp Vault. Create user accounts, add TOTP tokens (user supplied pin + totp), and have peace of mind using 2FA.

Mike McRill 6 Jul 5, 2021
vault-plugin-auth-usertotp is an auth method plugin for HashiCorp Vault.

vault-plugin-auth-usertotp is an auth method plugin for HashiCorp Vault. Create user accounts, add TOTP tokens (user supplied pin + totp), and have peace of mind using 2FA.

null 0 Jul 30, 2021
Gets Firebase auth tokens (for development purposes only)Gets Firebase auth tokens

Firebase Token Gets Firebase auth tokens (for development purposes only) Getting started Create Firebase project Setup Firebase authentication Setup G

MousyBusiness 1 Nov 17, 2021
Casdoor is a UI-first centralized authentication / Single-Sign-On (SSO) platform based on OAuth 2.0 / OIDC.

A UI-first centralized authentication / Single-Sign-On (SSO) platform based on OAuth 2.0 / OIDC

Casbin 4.6k Nov 27, 2022
K8s controller to manage the aws-auth configmap

aws-auth-manager A kuberneres controller to manage the aws-auth configmap in EKS using a new AWSAuthItem CRD. The aws-auth configmap is used to give R

Matteo Ruina 12 Jul 9, 2022
an SSO and OAuth / OIDC login solution for Nginx using the auth_request module

Vouch Proxy An SSO solution for Nginx using the auth_request module. Vouch Proxy can protect all of your websites at once. Vouch Proxy supports many O

Vouch 2.1k Dec 2, 2022
sso, aka S.S.Octopus, aka octoboi, is a single sign-on solution for securing internal services

sso See our launch blog post for more information! Please take the SSO Community Survey to let us know how we're doing, and to help us plan our roadma

BuzzFeed 3k Dec 1, 2022
Lightweight SSO Login System

login Lightweight SSO Login System Convention Redirect to login.changkun.de?redirect=origin When login success, login.changkun.de will redirect to ori

Changkun Ou 5 Sep 29, 2022