Sunday, 12 April 2026 @ 09:17 UTC ~2 12,244 130,117

saml2aws

Versent · Versent.saml2aws

CLI tool which enables you to login and retrieve AWS temporary credentials using a SAML IDP

CLI tool which enables you to login and retrieve AWS temporary credentials using with ADFS or PingFederate Identity Providers. This is based on python code from How to Implement a General Solution for Federated API/CLI Access Using SAML 2.0. The process goes something like this: - Setup an account alias, either using the default or given a name - Prompt user for credentials - Log in to Identity Provider using form based authentication - Build a SAML assertion containing AWS roles - Optionally cache the SAML assertion (the cache is not encrypted) - Exchange the role and SAML assertion with AWS STS service to get a temporary set of credentials - Save these credentials to an aws profile named "saml"

winget install --id Versent.saml2aws --exact --source winget

Latest 2.36.19

Release Notes

Changelog

  • 36983fb Merge pull request #1386 from rrotter/cache_path_fix
  • 958e9b1 Merge branch 'master' into cache_path_fix
  • 4f40aa6 Merge pull request #1383 from Versent/dependabot/go_modules/github.com/aws/aws-sdk-go-1.55.6
  • 516827c Merge pull request #1372 from rhiroe/fix/broken-links
  • 5a6008a Merge pull request #1368 from Versent/dependabot/go_modules/github.com/stretchr/testify-1.10.0
  • 20fdb07 Merge branch 'master' into dependabot/go_modules/github.com/stretchr/testify-1.10.0
  • abe05ff Merge pull request #1366 from Versent/dependabot/github_actions/codecov/codecov-action-5
  • 03e363c Merge branch 'master' into dependabot/github_actions/codecov/codecov-action-5
  • ea9e476 Merge pull request #1393 from fergusean/patch-1
  • d171298 Merge branch 'master' into patch-1
  • 80fa2d8 Merge pull request #1379 from Versent/dependabot/github_actions/softprops/action-gh-release-2.2.1
  • 676540b Merge branch 'master' into patch-1
  • f7e7f0c Merge branch 'master' into dependabot/github_actions/softprops/action-gh-release-2.2.1
  • d5f0dd4 Merge pull request #1401 from Versent/dependabot/go_modules/github.com/go-jose/go-jose/v3-3.0.4
  • 197ccea Merge branch 'master' into dependabot/go_modules/github.com/aws/aws-sdk-go-1.55.6
  • af0014f Merge pull request #1384 from rrotter/kingpin/v2
  • bb6382a Merge branch 'master' into dependabot/go_modules/github.com/aws/aws-sdk-go-1.55.6
  • 7adf2e0 Merge branch 'master' into dependabot/go_modules/github.com/go-jose/go-jose/v3-3.0.4
  • 4569824 Merge branch 'master' into kingpin/v2
  • c62710a Merge pull request #1399 from Versent/dependabot/go_modules/golang.org/x/crypto-0.31.0
  • 18be398 Merge branch 'master' into dependabot/go_modules/golang.org/x/crypto-0.31.0
  • 9e77596 Merge pull request #1389 from vtov-kr/upgrade-golangci-lint-in-makefile
  • 4dea112 Merge pull request #1396 from catalyst-ca/master
  • d3a3486 Merge pull request #1398 from nordicdyno/keycloak.v2-wrong-password
  • 1e51177 Merge branch 'master' into patch-1
  • c39039f Merge branch 'master' into keycloak.v2-wrong-password
  • e5c820e Merge pull request #1403 from tinaboyce/master
  • 4509e40 Merge branch 'master' into master
  • 302eaae chore(gha): macos to get artifact from correct macos version
  • 01a3cc2 chore(deps): bump github.com/go-jose/go-jose/v3 from 3.0.3 to 3.0.4
  • 966f3a8 Merge branch 'master' into keycloak.v2-wrong-password
  • b64db7f Merge pull request #1400 from tinaboyce/master
  • f13ed11 chore(gha): bump macos runner to 13
  • 584ff9e chore(deps): bump golang.org/x/crypto from 0.28.0 to 0.31.0
  • 9e9d48d support invalid password for keycloak v2
  • 32800b4 added kc broker flag
  • e9ac86c add device picker for Ping
  • 119321a chore: Upgrade golangci-lint in Makefile to support toolchain directive
  • eacc503 expand ~ in saml_cache_file config field
  • f9d4c1f update kingpin to v2
  • 76b4a2c chore(deps): bump github.com/aws/aws-sdk-go from 1.55.5 to 1.55.6
  • fee224b chore(deps): bump softprops/action-gh-release from 2.0.8 to 2.2.1
  • ed7db93 Fix broken link
  • 53cfc1d chore(deps): bump github.com/stretchr/testify from 1.9.0 to 1.10.0
  • c2512fe chore(deps): bump codecov/codecov-action from 4 to 5
  • 148bb41 Merge pull request #1355 from hejfelix/feature/aad-mfa-token
  • cd7b0c3 pass mfa-token in AzureAD provider (fix #902)
  • 36ab9ae Merge pull request #1352 from Versent/dependabot/go_modules/golang.org/x/net-0.30.0
  • c1c07dc chore(deps): bump golang.org/x/net from 0.29.0 to 0.30.0
  • 8a083df Merge pull request #1351 from Versent/dependabot/go_modules/github.com/tidwall/gjson-1.18.0
  • 0342d0f chore(deps): bump github.com/tidwall/gjson from 1.17.3 to 1.18.0
  • b356b40 Merge pull request #1350 from mokrinsky/authentik-simlplified-flow
  • 3d2422d fix: change authentik to use the new flow
  • 9b3c6ec Merge pull request #1348 from Versent/dependabot/go_modules/github.com/playwright-community/playwright-go-0.4702.0
  • 62997f1 chore(deps): bump github.com/playwright-community/playwright-go
  • a8a073c Merge pull request #1345 from Versent/dependabot/go_modules/github.com/playwright-community/playwright-go-0.4700.0
  • 4771d2f Merge pull request #1344 from Versent/dependabot/go_modules/golang.org/x/net-0.29.0
  • d2fe6e8 Merge pull request #1342 from eldondevat/master
  • f4a0d2e Avoid deprecated package
  • 25bc611 chore(deps): bump github.com/playwright-community/playwright-go
  • 3d185df chore(deps): bump golang.org/x/net from 0.28.0 to 0.29.0
  • 9566f0c Implement assume-time policy limiting
  • 17ef4e6 Merge pull request #1335 from tinaboyce/update-copyright-year
  • 426bac6 Merge pull request #1337 from Versent/dependabot/go_modules/golang.org/x/net-0.28.0
  • ccd07f5 chore(deps): bump golang.org/x/net from 0.27.0 to 0.28.0
  • 1a0a98d Merge pull request #1332 from Versent/dependabot/go_modules/github.com/tidwall/gjson-1.17.3
  • 9f03099 Merge branch 'master' into dependabot/go_modules/github.com/tidwall/gjson-1.17.3
  • bed4623 Merge branch 'master' into update-copyright-year
  • cebeeab Merge pull request #1331 from Versent/dependabot/github_actions/actions/cache-4
  • 8bab5fa Merge pull request #1333 from Versent/dependabot/go_modules/github.com/aws/aws-sdk-go-1.55.5
  • 9d841c4 Merge pull request #1334 from tinaboyce/chore-update-author-nuspec
  • 64255ff chore(docs): bump copyright year
  • dfd224f chore(nuspec): change authors to Versent
  • f2a60e2 chore(deps): bump github.com/aws/aws-sdk-go from 1.55.0 to 1.55.5
  • a41bd64 chore(deps): bump github.com/tidwall/gjson from 1.17.2 to 1.17.3
  • 23b960d chore(deps): bump actions/cache from 3 to 4

Installer types: wix , zip

Architecture Scope Type Download SHA256
x64 wix Download E78EC324F040047A36E6DE3B61BFF8DE5B4F6D093F0F3070539A54121CB88B00
x64 zip Download 739BD99DB011825521CF7ADB15C205E7AAC6570F8B74CD0AFC5BEDBB0804A0EB
arm zip Download 13F8F1A652613433575DC6D1DA3143EDA4A9AF24A0E3FE3C8B939C70934C348C
arm64 zip Download 7872B44600B1E3B03C1A1D82216F4DCCA9A632ECFCE8AF43076D3BFB88616295

Details

Homepage
https://github.com/Versent/saml2aws
License
MIT
Publisher
Versent
Support
https://github.com/Versent/saml2aws/issues
Privacy Policy
https://versent.com.au/privacy-policy/
Copyright
Copyright (c) 2024 Versent