09-07-2018 09:41 PM
I have a use case where I want to assign role to users in AWS Console but also provide access key and secret key with configurable timeout on AWS CLI for users to leverage the CLI can that be possible with Duo?
02-21-2019 07:08 AM
I am looking to accomplish the same. Did you get this figured out and if so, could you provide me the steps you took?
I’d greatly appreciated!
Best,
Dennis
07-03-2019 09:56 AM
My hope was that I can modify and use the python script “samlapi_formauth.py” provided by AWS in order to login thru our AWS DAG SAML provider.
The major problem with AWS CLI is that DAG is protected against cross-site scripting by using javascript and signed iframe requests which is difficult to accomplish in python.
Paul
04-08-2020 11:14 PM
This is Frustrating! Facing the same issue. I’m not getting help from AWS and from the DUO side as well. With so many clients and implementations, none wanted to authenticate AWS CLI via DUO? The SAML that I am passing to https://signin.aws.amazon.com/saml is correct per AWS documentation, yet not able to log in. Not sure where the issue is. And do not have any logs or support to fix this issue.
04-09-2020 08:39 AM
The Duo SAML integrations for AWS do not support CLI access today; they require display of the Duo prompt in the browser for authentication. The AWS Directory Service configuration does (adding Duo via RADIUS to AWS directory).
04-09-2020 03:56 PM
Is there any way that I can get the SAML response for authentication via cli, that I can use it to call another aws-cli
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide