Editing Saml2aws

Jump to navigation Jump to search

Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.

Latest revision Your text
Line 6: Line 6:
 
* https://github.com/Versent/saml2aws
 
* https://github.com/Versent/saml2aws
  
* Installation: <code>[[brew install saml2aws]]</code>
+
[[brew install saml2aws]]
 +
 
  
== Commands ==
 
 
  [[saml2aws --help]]
 
  [[saml2aws --help]]
 
  [[saml2aws help]]  
 
  [[saml2aws help]]  
 
  [[saml2aws configure]]  
 
  [[saml2aws configure]]  
 
  [[saml2aws login]]
 
  [[saml2aws login]]
[[saml2aws login --idp-account]]
 
 
  [[saml2aws login]] --verbose
 
  [[saml2aws login]] --verbose
 
  [[saml2aws exec]]  
 
  [[saml2aws exec]]  
Line 20: Line 19:
 
  [[saml2aws script]]
 
  [[saml2aws script]]
  
== Errors ==
 
* <code>[[Could not find any forms matching the provided IDs]]</code>
 
* <code>[[Error authenticating to IdP.: error loading first page: failed to build login form data: could not find any forms matching the provided IDs]]</code>
 
* <code>[[Error: not_a_saml_app]]</code>
 
  
== Related ==
 
* [[Playwright]]
 
* <code>[[download_browser_driver = true]]</code>
 
* [[Versent]]
 
  
 +
 +
 +
<pre>
 +
usage: saml2aws [<flags>] <command> [<args> ...]
 +
 +
A command line tool to help with SAML access to the AWS token service.
 +
 +
Flags:
 +
      --help                  Show context-sensitive help (also try --help-long and --help-man).
 +
      --version                Show application version.
 +
      --verbose                Enable verbose logging
 +
      --quiet                  silences logs
 +
  -i, --provider=PROVIDER      This flag is obsolete. See: https://github.com/Versent/saml2aws#configuring-idp-accounts
 +
      --config=CONFIG          Path/filename of saml2aws config file (env: SAML2AWS_CONFIGFILE)
 +
  -a, --idp-account="default"  The name of the configured IDP account. (env: SAML2AWS_IDP_ACCOUNT)
 +
      --idp-provider=IDP-PROVIDER
 +
                              The configured IDP provider. (env: SAML2AWS_IDP_PROVIDER)
 +
      --browser-type=BROWSER-TYPE
 +
                              The configured browser type when the IDP provider is set to Browser. if not set 'chromium' will be used. (env: SAML2AWS_BROWSER_TYPE)
 +
      --browser-executable-path=BROWSER-EXECUTABLE-PATH
 +
                              The configured browser full path when the IDP provider is set to Browser. If set, no browser download will be performed and the
 +
                              executable path will be used instead. (env: SAML2AWS_BROWSER_EXECUTABLE_PATH)
 +
      --browser-autofill      Configures browser to autofill the username and password. (env: SAML2AWS_BROWSER_AUTOFILL)
 +
      --mfa=MFA                The name of the mfa. (env: SAML2AWS_MFA)
 +
  -s, --skip-verify            Skip verification of server certificate. (env: SAML2AWS_SKIP_VERIFY)
 +
      --url=URL                The URL of the SAML IDP server used to login. (env: SAML2AWS_URL)
 +
      --username=USERNAME      The username used to login. (env: SAML2AWS_USERNAME)
 +
      --password=PASSWORD      The password used to login. (env: SAML2AWS_PASSWORD)
 +
      --mfa-token=MFA-TOKEN    The current MFA token (supported in Keycloak, ADFS, GoogleApps). (env: SAML2AWS_MFA_TOKEN)
 +
      --role=ROLE              The ARN of the role to assume. (env: SAML2AWS_ROLE)
 +
      --aws-urn=AWS-URN        The URN used by SAML when you login. (env: SAML2AWS_AWS_URN)
 +
      --skip-prompt            Skip prompting for parameters during login.
 +
      --session-duration=SESSION-DURATION
 +
                              The duration of your AWS Session. (env: SAML2AWS_SESSION_DURATION)
 +
      --disable-keychain      Do not use keychain at all. This will also disable Okta sessions & remembering MFA device. (env: SAML2AWS_DISABLE_KEYCHAIN)
 +
  -r, --region=REGION          AWS region to use for API requests, e.g. us-east-1, us-gov-west-1, cn-north-1 (env: SAML2AWS_REGION)
 +
      --prompter=PROMPTER      The prompter to use for user input (default, pinentry)
 +
 +
Commands:
 +
  help [<command>...]
 +
    Show help.
 +
 +
  configure [<flags>]
 +
    Configure a new IDP account.
 +
 +
  login [<flags>]
 +
    Login to a SAML 2.0 IDP and convert the SAML assertion to an STS token.
 +
 +
  exec [<flags>] [<command>...]
 +
    Exec the supplied command with env vars from STS token.
 +
 +
  console [<flags>]
 +
    Console will open the aws console after logging in.
 +
 +
  list-roles [<flags>]
 +
    List available role ARNs.
 +
 +
  script [<flags>]
 +
    Emit a script that will export environment variables.
 +
</pre>
 +
 +
 
== See also ==
 
== See also ==
 
* {{saml2aws}}
 
* {{saml2aws}}
 
* {{SAML}}
 
* {{SAML}}
* {{AWS STS}}
+
* {{AWS}}
  
 
[[Category:SAML]]
 
[[Category:SAML]]

Please note that all contributions to wikieduonline may be edited, altered, or removed by other contributors. If you do not want your writing to be edited mercilessly, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource (see Wikieduonline:Copyrights for details). Do not submit copyrighted work without permission!

Cancel Editing help (opens in new window)

Templates used on this page:

Retrieved from "https://www.wikieduonline.com/wiki/Saml2aws"

Advertising: