BMX
BMX grants you API access to your AWS accounts, based on Okta credentials that you already own.
It uses your Okta identity to create short-term AWS STS tokens, as an alternative to long-term IAM access keys.
BMX manages your STS tokens with the following commands:
bmx print
writes your short-term tokens tostdout
as AWS environment variables. You can executebmx print
’s output to make the environment variables available to your shell.bmx write
writes your short-term tokens to~/.aws/credentials
.
BMX prints detailed usage information when you run bmx -h
or bmx <cmd> -h
.
BMX was developed by D2L (Brightspace/bmx), and modifications have been made to the project by Arctic Wolf.
Features
- BMX is multi-platform: it runs on Linux, Windows, and Mac.
- BMX maintains your Okta session for 12 hours: you enter your Okta password once a day, and BMX takes care of the rest.
- Project scoped configurations
- BMX supports Web and SMS MFA.
Installation
Available versions of BMX are available on the releases page.
Getting Started
To authenticate and obtain a session via the command line, run the following:
bmx login
This will prompt you for your Okta organization and credentials. When you have successfully connected, you can run the following to get a set of IAM STS credentials for use with the AWS API:
bmx print
The command will print a series of environment set commands, that can be used to set the environment variables of the current shell session:
export AWS_SESSION_TOKEN=...
export AWS_ACCESS_KEY_ID=...
export AWS_SECRET_ACCESS_KEY=...
# Run AWSCLI using environment variables for credentials
aws sts get-caller-identity
If you’d like to learn about the ways BMX assists with authenticating to AWS, you can review in the getting started documentation.
Versioning
BMX is maintained under the Semantic Versioning guidelines.
Getting Involved
See CONTRIBUTING.md for guidelines.