Mattermost Logo
We're hiring!
Edit on GitHub

OneLogin and AWS

Generating AWS Keys using OneLogin authentication 

We use to generate temporary AWS keys.


To install, use pip:

$ pip install onelogin-aws-cli

Note that onelogin-aws-cli requires Python 3. It is not recommended to install Python packages globally on your system.


Running onelogin-aws-login will perform the authentication against OneLogin, and cache the credentials in the AWS CLI Shared Credentials File.

For every required piece of information, the program will present interactive inputs, unless that value has already been provided through either command line parameters, environment variables, or configuration file directives.

$ onelogin-aws-login
Onelogin Username:
Onelogin Password:
Google Authenticator Token: 579114
Pick a role:
[1]: arn:aws:iam::xoxoxoxo:role/onelogin-test-ec2
[2]: arn:aws:iam::xoxoxoxo:role/onelogin-test-s3
[3]: arn:aws:iam::xoxoxoxo:role/onelogin-test-s3
? 3
Credentials cached in '/Users/myuser/.aws/credentials'
Expires at 2018-05-24 15:15:41+00:00
Use aws cli with --profile xoxoxoxo:role/onelogin-test-s3/