Skip to content

StuDocu/aws-roles-via-google-sso

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

79 Commits
.github
.github
 
 
aosvc-python
aosvc-python
 
 
aosvc
aosvc
 
 
extension
extension
 
 
img
img
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
changelog.md
changelog.md
 
 
package_firefox.sh
package_firefox.sh
 
 
privacy.md
privacy.md
 
 

Repository files navigation

AWS Roles via Google SSO

Introduction

This repository holds the code for a browser extension that allows users that use Google Workspace (gsuite) as an IDP provider to login to AWS using roles. It also has a local service that updates the local client AWS credentials for the aws-cli. This extension can be used as an alternative to aws-google-auth and doesn't require filling credentials as long as your Google account is logged in to your browser, nor does it suffer from constant captchas. The extension has been tested on Chrome and firefox.

Features

  • Refresh AWS Web Console session automatically to keep user logged in.
  • Get temporary credentials for assumed role to use for CLI access.
  • Autofill all available AWS roles for Google Workspace account.
  • Automatically update local aws credentials file.

Installation

Firefox

Available directly in Add-ons for Firefox:

Chrome

  1. Clone this repository.
  2. Go to the Chrome Extensions page.
  3. Enable Developer Mode on the right side of the page.
  4. Press "Load Unpacked".
  5. Pick the extension folder in the cloned repository.

(Optional) Firefox manual installation

  1. Clone this repository.
  2. Delete the regular manifest.js and rename the manifest-firefox.js to manifest.js
  3. Go to Addons and themes in the hamburger menu.
  4. Click the wheel and then Debug Add-ons.
  5. Click Load Temporary Add-on... and select the manifest.json file.

Using the extension

First you will need to configure some properties in the Options menu. Each property has additional info that you can read to help you set it up properly.

Options

When you are done, exit the Options menu. Now you can add your user's IAM role or roles or click the (A) button to initiate autofill.

Main menu

Click on the slider to start the token auto refresh procedure. After enabling the refresh you can also click on the CLI button to get the temporary STS credentials.

Updater Service installation

The credentials updater service runs a minimalistic webserver on 127.0.0.1:31339 that listens requests for updates from the extension. To enabled this feature, click the toggle in the Options menu.

Linux: Golang based service:

Linux users should use this version of the local service

Requirements
netstat
Installation
  1. Clone this repo
  2. cd aosvc
  3. ./install.sh

macOS: Python based service

MacOS users will benefit from using the python version of the local service.

Installation
  1. Clone this repo
  2. cd aosvc-python
  3. ./install.sh

More info here.

About

Browser Extension for using AWS roles using Google SSO

Resources

Readme
Activity
Custom properties

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • JavaScript 54.6%
  • Go 17.8%
  • Python 10.4%
  • HTML 6.1%
  • CSS 5.9%
  • Shell 4.1%
  • Batchfile 1.1%