SAML Assertion to AWS STS Assumption

This extension allows you to extract credentials from a federated AWS console login so that you can use command line tools like terraform or AWSCLI.

For organisations using their corporate directory to control access to AWS console, this extension is essential to allow you to securely access AWS APIs with time based sessions without risking storing usernames and passwords.

Multiple accounts are supported, allowing you to use profile environment variables and command line parameters to access any account you are signed into.

Usage is simple - just sign into the console through your corporate directory and your temporary credentials will be saved to disk ready for use.