Differences

This shows you the differences between two versions of the page.

--- aws:roles_anywhere [2022/07/21 10:41] – external edit 127.0.0.1
+++ aws:roles_anywhere [2022/07/24 13:19] (current) – ndatingalls
@@ Line 6: / Line 6: @@
 === CA Option 1 ===
-Use https://github.com/OpenVPN/easy-rsa to create certificate authority and certificates
+Use https://github.com/OpenVPN/easy-rsa to create certificate authority and certificates.
+AWS Client VPN has a good example of how to use it https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/client-authentication.html#mutual.
 === CA Option 2 ===
@@ Line 22: / Line 24: @@
 === Use Python ===
-Updated script to use Python requests library.  Based on AWS example from [[https://docs.aws.amazon.com/general/latest/gr/sigv4-signed-request-examples.html#sig-v4-examples-post|here]] and incorporating changes mentioned [[https://docs.aws.amazon.com/rolesanywhere/latest/userguide/authentication-sign-process.html|here]].  Updated to use https://cryptography.io/en/latest/ instead of https://www.pycryptodome.org/.  This example uses the region US-East-2.
+Updated script to use Python requests library.  Based on AWS example from [[https://docs.aws.amazon.com/general/latest/gr/sigv4-signed-request-examples.html#sig-v4-examples-post|here]] and incorporating changes mentioned [[https://docs.aws.amazon.com/rolesanywhere/latest/userguide/authentication-sign-process.html|here]].  Updated to use https://cryptography.io/en/latest/ instead of https://www.pycryptodome.org/.  This example uses the region US-East-2.  Also added the ability to use an encrypted private key, but **please implement proper key security** as this script was a very quick "how do I make this work" project.
+Mentioned on [[https://www.lastweekinaws.com/podcast/aws-morning-brief/aws-s-disclosure-improvements/|AWS Morning Brief 2022-07-21]].
 <code python roles_anywhere.py>
 # Copyright 2010-2019 Amazon.com, Inc. or its affiliates. All Rights Reserved.

Nerdy Drunk

User Tools

Site Tools

Differences

Page Tools