• AWS CLI via SAML

    Assuming roles across accounts

    In the second post of this series, I described how I set up my development environment using aws-google-auth. If it wasn’t for the tool, I would not be able to leverage the federation I set up between my GSuite and AWS accounts for use through the AWS CLI.

  • AWS CLI via SAML

    Setting up your development environment

    The previous post in this series laid out how to configure the federation between a GSuite and an AWS account, with the intent on creating a single point of entry into your AWS infrastructure. This ensures that users of the infrastructure, regardless of account, authenticate into a single account, and then use role assumption based on their federation for authorization into the target account they will be working in.

  • AWS CLI via SAML

    Setting up your federation

    Earlier this year, I decided that I would finally implement the same set of best practices in my own personal AWS accounts that I shared with my customers over the past two years. The intent, to run my own production workloads across the accounts that were effectively idle since their instantiation.