You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -11,7 +11,7 @@ In order to rotate credentials, Awsaml takes the following actions
1. Authenticates the user with their identity provider.
2. Reads the SAML authentication response returned from the identity provider.
3. Generates new temporary AWS keys by calling the [AssumeRoleWithSAML][] API.
3. Generates new temporary AWS keys by calling the [AssumeRoleWithSAML][] API.*
4. Writes the new temporary credentials to disk.
This flow repeats every hour so the user always has a valid set of AWS keys
Expand All
@@ -20,6 +20,8 @@ identity provider, so the user doesn't need to reauthenticate every time.
You can grab prebuilt binaries for Mac, Linux, and Window from [the releases page][releases].
*This API is used to fetch credentials if the Okta SAML + AWS configuration is used. Alternatively, Awsaml also supports the Just In Time IAM tool in Rapid7's InsightCloudSec product.
## Configuration
Configuring Awsaml is a multi-step process that involves a bit of back and forth
