aws-google-auth:tldr:baf07

aws-google-auth: Log in [a]sking which role to use (in case of several available SAML roles).

aws-google-auth

$ aws-google-auth -u ${example@example-com} -I ${$GOOGLE_IDP_ID} -S ${$GOOGLE_SP_ID} -d ${3600} -a

try on your machine

The command aws-google-auth is a command-line tool that allows you to authenticate with AWS using your Google account. Here is a breakdown of the command and its parameters:

-u ${example@example-com}: Specifies the Google user account you want to use for authentication. In this case, it is using the example@example.com email address.
-I ${$GOOGLE_IDP_ID}: Specifies the Google Identity Provider (IDP) ID. The ${$GOOGLE_IDP_ID} is likely a placeholder for an environment variable that holds the IDP ID. The IDP ID is unique to each Google Cloud project.
-S ${$GOOGLE_SP_ID}: Specifies the Google Service Provider (SP) ID. Similar to the IDP ID, ${$GOOGLE_SP_ID} is a placeholder for an environment variable that holds the SP ID. The SP ID represents the AWS service that you want to access.
-d ${3600}: Specifies the duration of the authentication session in seconds. ${3600} is a placeholder for a value, in this case, it is set to 3600 seconds (1 hour).
-a: Enables automatic configuration of AWS CLI (Command Line Interface) credentials after successful authentication.

Overall, this command is authenticating the specified Google account, with the provided IDP and SP IDs, for a specific duration. Then, it automatically configures AWS CLI credentials for subsequent AWS API calls or command-line operations.

This explanation was created by an AI. In most cases those are correct. But please always be careful and never run a command you are not sure if it is safe.

back to the aws-google-auth tool