Show HN: An easy way to assume AWS IAM roles on your Laptop or in GitHub Actions
saml.toHey everyone!
I've made a service to allow developers easy access to AWS IAM Roles using GitHub Identity.
This way, an organization or AWS account owner can quit generating AWS IAM Credentials to users or GitHub Repositories, and use the saml-to CLI or assume-aws-role-action to federate roles. What's the difference between this and using the role_arn in the credentials file? (https://docs.aws.amazon.com/cli/latest/userguide/cli-configu...) thanks for the question! this completely eliminates the need to juggle ~/.aws/* files, or downloading or generation of one or more web identity token files, or complicated trust to a single root account using a single GitHub token identifying the user, the saml.to backend exchanges that token for the desired account and credentials simply based on providing the desired role name as input zero knowledge on how to authenticate the aws cli is necessary, which I've found as a high friction point for administrators and developers to get right let me know if you have any more questions or feedback!