I’m currently in a scenario where I’m trying to automate some tasks in AWS using PowerShell. In our environment we authenticate to AWS via ADFS with DUO MFA it then passes this token to the AWS SAML provider. Using this method I’m given access to 200+ AWS accounts now I want to use the AWS PowerShell modules to enumerate all the accounts available to me then query each account for all the EC2 instances they have provisioned.
What I seem to be having issue with is I technically should be able to login to ADFS via PowerShell, get my token then pass that token to AWS but I’m not getting my token from ADFS because I assume it’s not actually logging in because it’s not doing a DUO authentication.
Does anyone know a way around this?