- Website: https://saml.to
- Forums: https://github.com/saml-to/cli/discussions
- Documentation: https://docs.saml.to
This is the CLI for SAML.to. It allows for command-line AWS role assumption.
saml-to [command]
Commands:
saml-to list-roles Show roles that are available to assume
saml-to login [provider] Login to a provider
saml-to assume [role] Assume a role
Options:
--help Show help [boolean]
--version Show version number [boolean]
Please make sure the following is installed:
- NodeJS v16+
npmoryarnornpxavaliable on the$PATH- (MacOS Alternative) Homebrew available on the
$PATH
npm:
npm install -g saml-to
saml-to assumeyarn:
yarn global add saml-to
saml-to assumenpx:
npx saml-to assumebrew tap saml-to/tap
brew install saml-to
saml-to assumeOnce the CLI is installed, run the following commands to login and assume roles:
# Saves a GitHub token with a user:email scope to ~/.saml-to/github-token.json
saml-to login github# List available roles to assume
saml-to list-rolesIf no logins or roles are available, an administrator for an AWS account should complete the initial setup.
Add the --help flag to any command for available options.
Interactive prompt for roles to assume:
saml-to assumeOr, if the full role name is known:
saml-to assume arn:aws:iam::123456789012:role/some-roleAlternatively, use the shorthand:
# Any distinct part of the role names in from saml-to list-roles will match
saml-to assume some-role # match by the role name
saml-to assume 123456789012 # match by the account IDCheck out the documentation for assume.
The --headless flag will output an expression to update your shell environment with a role.
Use a subshell ($(...)) to set AWS_* related environment variables:
$(saml-to assume some-role --headless)
aws s3api list-buckets # or any desired `aws` commandUse Invoke-Expression (iex) to set AWS_* related environment variables:
iex (saml-to assume some-role --headless)
aws s3api list-buckets # or any desired `aws` commandVisit SAML.to Install to get started by connecting a GitHub User or Organization to an AWS Account.
Please Open a New Issue in GitHub if an issue is found with this tool.
If you do not want to be included in Anonymous Usage Metrics, ensure an environment variable named SAML_TO_DNT is set:
SAML_TO_DNT=1 npx saml-to