aws-google-auth

Command line tool to acquire AWS temporary (STS) credentials using Google Apps as a federated (Single Sign-On) provider.

TLDR

Log in with Google SSO using the IDP and SP identifiers and set the credentials duration to one hour

$ aws-google-auth -u [example@example.com] -I [$GOOGLE_IDP_ID] -S [$GOOGLE_SP_ID] -d [3600]
copy


Log in [a]sking which role to use (in case of several available SAML roles)
$ aws-google-auth -u [example@example.com] -I [$GOOGLE_IDP_ID] -S [$GOOGLE_SP_ID] -d [3600] -a
copy


Resolve aliases for AWS accounts
$ aws-google-auth -u [example@example.com] -I [$GOOGLE_IDP_ID] -S [$GOOGLE_SP_ID] -d [3600] -a --resolve-aliases
copy


Show help information
$ aws-google-auth -h
copy

Copied to clipboard