Kriation Engineering-
AWS CLI via SAML
Assuming roles across accounts
In the second post of this series, I described how I set up my development environment using aws-google-auth. If it wasn’t for the tool, I would not be able to leverage the federation I set up between my GSuite and AWS accounts for use through the AWS CLI.
-
AWS CLI via SAML
Setting up your development environment
The previous post in this series laid out how to configure the federation between a GSuite and an AWS account, with the intent on creating a single point of entry into your AWS infrastructure. This ensures that users of the infrastructure, regardless of account, authenticate into a single account, and then use role assumption based on their federation for authorization into the target account they will be working in.
-
AWS CLI via SAML
Setting up your federation
Earlier this year, I decided that I would finally implement the same set of best practices in my own personal AWS accounts that I shared with my customers over the past two years. The intent, to run my own production workloads across the accounts that were effectively idle since their instantiation.