Logging in to AWS with ADFS

If your organization uses Active Directory Federation Services (ADFS), you can use this very useful tool to authenticate with the cli

  • prereqs: python and pip installed, also aws cli tool

Generate credentials to work with aws-cli

  • Download AWS-ADFS at this link
  • Run the following command:

    aws-adfs login --no-sspi --adfs-host aws-sso.<company>.com --profile default
  • Fill out the username and password like you would on the UI on initial load of the command line tool

View Generate AWS Credentials

  • View credentials with vi ~/.aws, check credentials folder
  • Your credentials will look like so:

    aws_access_key_id = blah
    aws_secret_access_key = blah
    aws_session_token = long blah
    aws_security_token = long blah
  • Configure CLI with the new credentials

Use with the CLI:

  • aws configure
  • answer prompts:

    AWS Access Key ID [*******]:
    AWS Secret Access Key [*******]:
    Default region name [<region>: <enter region>]
    Default output format [json]: