Less than a year ago, my team and I decided to develop an essential tool that securely manages programmatic (CLI/SDK) access to AWS resources distributed among several Cloud accounts.<p>Temporary credentials access was a constraint for accessing the Cloud in our company, so we decided to build an open-source (<a href="https://github.com/Noovolari/leapp" rel="nofollow">https://github.com/Noovolari/leapp</a>) tool for every access method on your behalf.<p>Leapp manages different access methods:
IAM Users, IAM Roles federated with multiple Identity Providers (G Suite, Okta, and OneLogin at the time), IAM Role Chained to another AWS entity (the cross-account Role access thing), AWS Single Sign-On Roles, and Azure Subscriptions by now.<p>Leapp store securely information of the developers (like AWS Access Key and Secret Keys) and generate short-lived credentials accessible to any CLI, SKD, and external library.<p>The idea of the App is to provide the Cloud credentials I need only when required. Otherwise, the Cloud Credentials file is cleaned and not accessible to any attackers.<p>We integrate the project with specific services like AWS Single Sign-On, the automatic provisioning of the account available to access, and AWS System Manager Session Manager to access EC2 instances directly from the App.<p>I'm also finalizing the Access to other Cloud providers (Google Cloud Platform and Alibaba Cloud) in the following months.<p>Hundreds of developers are downloading it, and the most common reaction is: "It's addictive. I don't want to go back to anything else."<p>After all those requests, from today, we will help the company-wide adoption of the project with enterprise support of the open-source project.<p><a href="https://www.leapp.cloud/support" rel="nofollow">https://www.leapp.cloud/support</a>