Versions:
saml2aws, published by Versent, is a command-line utility designed to bridge enterprise SAML Identity Providers with AWS CLI workflows by automating the retrieval of short-lived STS credentials. Built on the Python reference implementation described in AWS white-paper “How to Implement a General Solution for Federated API/CLI Access Using SAML 2.0,” the tool is aimed at system administrators, DevOps engineers, and developers who operate under federated single-sign-on mandates but still need programmatic access to AWS services. After a one-time configuration in which an account alias is registered, saml2aws prompts the user for corporate credentials, performs form-based authentication against ADFS or PingFederate, intercepts the returned SAML assertion, optionally caches it for reuse, extracts the embedded AWS role ARNs, and exchanges the assertion with AWS Security Token Service for temporary AccessKey, SecretKey, and SessionToken triples. These credentials are written to a local AWS profile called “saml,” after which standard AWS CLI or SDK calls proceed transparently without further manual intervention. The entire flow preserves the organization’s existing identity governance while eliminating the need to distribute long-lived AWS credentials. Version 2.36.19, currently the only maintained release stream, ships as a self-contained binary for Windows, macOS, and Linux, requiring no Python runtime on the client. The software is available for free on get.nero.com, with downloads delivered through trusted Windows package sources such as winget, always serving the latest build and supporting batch installation alongside other applications.
Tags: