{"id":21496011,"url":"https://github.com/devops-infra/docker-okta-aws-sso","last_synced_at":"2025-07-15T19:32:11.523Z","repository":{"id":39711220,"uuid":"254632337","full_name":"devops-infra/docker-okta-aws-sso","owner":"devops-infra","description":"Docker image for AWS Single Sign-On with Okta.","archived":false,"fork":false,"pushed_at":"2024-10-29T07:28:24.000Z","size":75,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":3,"default_branch":"master","last_synced_at":"2024-10-29T08:23:58.015Z","etag":null,"topics":["automation","aws-sso","christophshyper","devops","devops-tools","docker-image","gimme-aws-creds","okta","single-sign-on"],"latest_commit_sha":null,"homepage":"https://shyper.pro/","language":"Makefile","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/devops-infra.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-04-10T12:44:55.000Z","updated_at":"2024-10-29T07:28:26.000Z","dependencies_parsed_at":"2024-10-29T08:22:17.893Z","dependency_job_id":"09b8e44e-2b07-4ad2-b385-e553fc68795e","html_url":"https://github.com/devops-infra/docker-okta-aws-sso","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devops-infra%2Fdocker-okta-aws-sso","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devops-infra%2Fdocker-okta-aws-sso/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devops-infra%2Fdocker-okta-aws-sso/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/devops-infra%2Fdocker-okta-aws-sso/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/devops-infra","download_url":"https://codeload.github.com/devops-infra/docker-okta-aws-sso/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":226064520,"owners_count":17568036,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automation","aws-sso","christophshyper","devops","devops-tools","docker-image","gimme-aws-creds","okta","single-sign-on"],"created_at":"2024-11-23T16:14:27.885Z","updated_at":"2024-11-23T16:14:28.756Z","avatar_url":"https://github.com/devops-infra.png","language":"Makefile","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Docker image for AWS Single Sign-On with Okta.\n\nDockerized ([devopsinfra/docker-okta-aws-sso](https://hub.docker.com/repository/docker/devopsinfra/docker-okta-aws-sso)) Single Sign-On solution for [Amazon Web Services](https://aws.amazon.com/) via [Okta](https://www.okta.com/).\n\nOkta is one of the leaders of SSO solutions, but lacks native CLI tools.\n\nThe best, in my humble opinion, tool that fixes that problem is [gimme-aws-creds](https://github.com/Nike-Inc/gimme-aws-creds) made by [Nike Inc.](http://engineering.nike.com). More of their interesting work can be found on [Nike-Inc](https://github.com/Nike-Inc).\n\nCurrently, supporting v2.3.4 of gimme-aws-creds.\n\nFor details information about [gimme-aws-creds](https://github.com/Nike-Inc/gimme-aws-creds)'s configuration please refer to [README.md](https://github.com/Nike-Inc/gimme-aws-creds/blob/master/README.md).\n\u003cbr\u003eDocker's entrypoint is the binary of `gimme-aws-creds` and can accept any parameters, even when running as an alias, or a function (check usage below).\n\u003cbr\u003eIt supports Multi Factor Authentication. Not only with authenticator app but even with Yubikey (without PIN).\n\nThis Docker image just packs the tool to quickly reuse it without the need of installing with Python.\n\u003cbr\u003eIt should have access only to following configuration files: \n* [gimme-aws-creds](https://github.com/Nike-Inc/gimme-aws-creds), default is `~/.okta_aws_login_config`\n* [aws-cli](https://github.com/aws/aws-cli), default is `~/.aws/credentials`\n\n\n## Badge swag\n[\n![GitHub](https://img.shields.io/badge/github-devops--infra%2Fdocker--okta--aws--sso-brightgreen.svg?style=flat-square\u0026logo=github)\n![GitHub code size in bytes](https://img.shields.io/github/languages/code-size/devops-infra/docker-okta-aws-sso?color=brightgreen\u0026label=Code%20size\u0026style=flat-square\u0026logo=github)\n![GitHub last commit](https://img.shields.io/github/last-commit/devops-infra/docker-okta-aws-sso?color=brightgreen\u0026label=Last%20commit\u0026style=flat-square\u0026logo=github)\n](https://github.com/devops-infra/docker-okta-aws-sso \"shields.io\")\n[![Push to master](https://img.shields.io/github/workflow/status/devops-infra/docker-okta-aws-sso/Push%20to%20master?color=brightgreen\u0026label=Master%20branch\u0026logo=github\u0026style=flat-square)\n](https://github.com/devops-infra/docker-okta-aws-sso/actions?query=workflow%3A%22Push+to+master%22)\n[![Push to other](https://img.shields.io/github/workflow/status/devops-infra/docker-okta-aws-sso/Push%20to%20other?color=brightgreen\u0026label=Pull%20requests\u0026logo=github\u0026style=flat-square)\n](https://github.com/devops-infra/docker-okta-aws-sso/actions?query=workflow%3A%22Push+to+other%22)\n\u003cbr\u003e\n[\n![DockerHub](https://img.shields.io/badge/docker-devopsinfra%2Fdocker--okta--aws--sso-blue.svg?style=flat-square\u0026logo=docker)\n![Image size](https://img.shields.io/docker/image-size/devopsinfra/docker-okta-aws-sso/latest?label=Image%20size\u0026style=flat-square\u0026logo=docker)\n![Docker Pulls](https://img.shields.io/docker/pulls/devopsinfra/docker-okta-aws-sso?color=blue\u0026label=Pulls\u0026logo=docker\u0026style=flat-square)\n](https://hub.docker.com/r/devopsinfra/docker-okta-aws-sso \"shields.io\")\n\n\n## Prerequisites\n* Operating system: MacOS, Linux or Windows Subsystem for Linux.\n* Software: Docker\n* AWS: IAM roles prepared for users to assume. IAM user for Okta properly configured.\n* Okta: Okta connected via SAML with AWS. Users having assigned AWS application and chosen proper roles.\n\n\n## Configuration\nFor ease of reuse create alias or a function in your shell. For example in `~/.profile` enter following:\n```shell script\nfunction okta-aws() {\n    docker run --rm \\\n        --user $(id -u):$(id -g) \\\n        --volume $(pwd)/.okta_aws_login_config:/.okta_aws_login_config \\\n        --volume $(pwd)/.aws/credentials:/.aws/credentials \\\n        -it devopsinfra/docker-okta-aws-sso:latest \"$@\";\n}\n```\n\nRun the interactive installer by executing: `okta-aws --action-configure`.\n\nFor more information run `okta-aws --help`.\n\n**Simplest** configuration file:\n```\n[DEFAULT]\nokta_username = user.name@domain.com\naws_rolename =\ncred_profile = default\naws_default_duration = 3600\nokta_org_url = https://dev-123456.okta.com\napp_url = https://dev-123456.okta.com/home/amazon_aws/1fD3c8s3mfhMHxF1o9id/272\npreferred_mfa_type = token:software:totp\ndevice_token =\ngimme_creds_server = appurl\nwrite_aws_creds = True\nresolve_aws_alias = True\nremember_device = True\noutput_format = json\n```\n\nParameters, like password, can be also passed via environment variables for reuse. But keep in mind security concerns.\n\n\n## Running\nDepending on the configuration (above) new AWS credentials can be obtained by running:\n* for a default action: `okta-aws`\n* for a selected profile `okta-aws --profile Administrator`\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdevops-infra%2Fdocker-okta-aws-sso","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdevops-infra%2Fdocker-okta-aws-sso","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdevops-infra%2Fdocker-okta-aws-sso/lists"}