Skip to content

Instantly share code, notes, and snippets.

@Kalki5

Kalki5/AWS Federated signin URL - Python

Created February 18, 2018 13:49
Show Gist options
  • Save Kalki5/ab529cd68b40b552e09eeabc96ea39ce to your computer and use it in GitHub Desktop.
Save Kalki5/ab529cd68b40b552e09eeabc96ea39ce to your computer and use it in GitHub Desktop.
Download ZIP
Raw
AWS Federated signin URL - Python
import urllib, json
import requests
import boto3
client = boto3.client(
service_name='sts',
region_name='us-east-2',
aws_access_key_id='ACCESS_KEY',
aws_secret_access_key='SECRET_KEY'
)
assumed_role_object = client.get_federation_token(
Name='kalki',
Policy='{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": "*", "Resource": "*" } ]}',
DurationSeconds=43200
)
assumed_role_object = client.get_session_token(
DurationSeconds=43200
)
assumed_role_object = client.assume_role(
RoleArn="arn:aws:iam::063705058639:role/tempfedrole",
RoleSessionName="AssumeRoleSession",
DurationSeconds=3600
)
json_string_with_temp_credentials = '{"sessionId":"' + assumed_role_object["Credentials"]["AccessKeyId"] + '","sessionKey":"' + assumed_role_object["Credentials"]["SecretAccessKey"] + '","sessionToken":"' + assumed_role_object["Credentials"]["SessionToken"] + '"}'
request_parameters = "?Action=getSigninToken&SessionDuration=43200&Session=" + urllib.quote_plus(json_string_with_temp_credentials)
request_url = "https://signin.aws.amazon.com/federation" + request_parameters
r = requests.get(request_url)
signin_token = json.loads(r.text)
request_parameters = "?Action=login&Issuer=Example.org&Destination=" + urllib.quote_plus("https://console.aws.amazon.com/") + "&SigninToken=" + signin_token["SigninToken"]
request_url = "https://signin.aws.amazon.com/federation" + request_parameters
print request_url
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment