BMX grants you API access to your AWS accounts, based on Okta credentials that you already own.
It uses your Okta identity to create short-term AWS STS tokens, as an alternative to long-term IAM access keys. BMX manages your STS tokens with the following commands:
bmx printwrites your short-term tokens to
stdoutas AWS environment variables. You can execute
bmx print’s output to make the environment variables available to your shell.
bmx writewrites your short-term tokens to
BMX prints detailed usage information when you run
bmx -h or
bmx <cmd> -h.
BMX was developed by D2L (Brightspace/bmx), and modifications have been made to the project by Arctic Wolf.
- BMX is multi-platform: it runs on Linux, Windows, and Mac.
- BMX maintains your Okta session for 12 hours: you enter your Okta password once a day, and BMX takes care of the rest.
- Project scoped configurations
- BMX supports Web and SMS MFA.
Available versions of BMX are available on the releases page.
To authenticate and obtain a session via the command line, run the following:
This will prompt you for your Okta organization and credentials. When you have successfully connected, you can run the following to get a set of IAM STS credentials for use with the AWS API:
The command will print a series of environment set commands, that can be used to set the environment variables of the current shell session:
export AWS_SESSION_TOKEN=... export AWS_ACCESS_KEY_ID=... export AWS_SECRET_ACCESS_KEY=... # Run AWSCLI using environment variables for credentials aws sts get-caller-identity
If you’d like to learn about the ways BMX assists with authenticating to AWS, you can review in the getting started documentation.
BMX is maintained under the Semantic Versioning guidelines.
See CONTRIBUTING.md for guidelines.