An (unofficial) AWS Console Federated Sign-In Tool
This tool simplifies access to the AWS Console by leveraging the GetFederationToken API, allowing users to sign in swiftly and securely using their local AWS credentials. It caters to individuals who need frequent access to the AWS Console without constantly requiring them to enter their 2-Factor Authentication (2FA) details. Built with C# and Avalonia to ensure a consistent expierence across different platforms while still using a single unified codebase. This is a community effort and not affiliated with Amazon/AWS, if you're having any problems please open an issue.
- π Efficient Sign-In: Streamlines the sign-in process to the AWS Console by utilizing the GetFederationToken API.
- π‘οΈ Effective Security: Offers a reasonably secure sign-in method without necessitating 2FA, suitable for users requiring regular access to the AWS Console.
- π Cross-Platform Compatibility: Single codebase can be built for Desktop, Web, and Mobile.
- π¨ User-Friendly Interface: Intuitive UI design facilitates easy navigation and usage for both novice and experienced users.
Demo gif showcasing functionality coming soon...
Detailed usage instructions coming soon...
Build instructions coming soon...
This repository offers a streamlined development environment setup using a devcontainer.json file, allowing you to get up and running quickly with a fully-featured environment in the cloud.[1] Use one of the following links to get started:
|
|||||
|
|
|
|
|||
| If you want to browse the source code without the need to build, you can do so conveniently on GitHub.dev or VSCode.dev: | |||||
|
|
|
||||
graph TD
subgraph " "
direction LR
Core["ConsoleLaunchpad.Core"]
Tests["ConsoleLaunchpad.Tests"]
Main["ConsoleLaunchpad"]
Browser["ConsoleLaunchpad.Browser"]
Desktop["ConsoleLaunchpad.Desktop"]
Imports["ConsoleLaunchpad.Imports"]
Android["ConsoleLaunchpad.Android"]
end
Core -->|Business Logic| Main
Imports -->|Application Interfaces| Main
Main -->|User Interface| Browser
Main -->|User Interface| Desktop
Main -->|User Interface| Android
Core -->|Unit Tests| Tests
Main -->|Integration Tests| Tests
For anyone asking "how does this all works", here's a minimal implementation in C#:
using System;
using Amazon.IdentityManagement;
using Amazon.IdentityManagement.Model;
using Amazon.Runtime;
using Amazon.Runtime.CredentialManagement;
using Amazon.SecurityToken;
using Amazon.SecurityToken.Model;
class Program
{
static async Task Main()
{
string policy = @"{
""Statement"": [{
""Effect"": ""Allow"",
""Action"": ""*"",
""Resource"": ""*""
}]
}"; // Your desired policy
AWSCredentials credentials;
CredentialProfileStoreChain chain = new CredentialProfileStoreChain();
if (chain.TryGetAWSCredentials("profile_name", out credentials)) // Your AWS profile name
{
Console.WriteLine("Using local AWS profile credentials.");
}
else
{
credentials = new BasicAWSCredentials("YOUR_ACCESS_KEY_ID", "YOUR_SECRET_ACCESS_KEY"); // Your AWS credentials
}
using (var stsClient = new AmazonSecurityTokenServiceClient(credentials, Amazon.RegionEndpoint.USEast1)) // Replace the region if desired
{
GetFederationTokenRequest getTokenRequest = new()
{
Name = "Username",
Policy = policy,
DurationSeconds = 3600 // Set the duration for which the temporary credentials are valid
};
GetFederationTokenResponse getTokenResponse = await stsClient.GetFederationTokenAsync(getTokenRequest);
string sessionToken = getTokenResponse.Credentials.SessionToken;
string consoleSigninLink = $"https://signin.aws.amazon.com/federation?Action=login&Issuer=ExampleCorp&Destination=https%3A%2F%2Fconsole.aws.amazon.com%2F&SigninToken={Uri.EscapeDataString(sessionToken)}";
Console.WriteLine($"Signed URL for AWS Console: {consoleSigninLink}");
}
}
}Here are some additional resources regarding the GetFederationToken API and its usage:
| AWS IAM User Guide - Federated Users |
| AWS IAM User Guide - GetFederationToken |
| AWS STS API Reference |
| AWS SDK for .NET API Docs |
Contributions to this project are welcome! Feel free to submit bug reports, feature requests, or pull requests via GitHub.
This tool is licensed under the MIT License. See the LICENSE file for details.
For any inquiries or assistance, please open an issue.
-
For local development check out Dev Containers and DevPod. β©