CloudKeeper - Credential Helper

AWS SSO External AWS Account - STS Keys Generator
What is CloudKeeper - Credential Helper?
CloudKeeper - Credential Helper is a Chrome extension that enables the retrieval of AWS CLI credentials for external AWS accounts in AWS SSO by passing the SAML Assertion to AWS Security Token Service. Simply click on the extension while logged into the desired external AWS account, and the credentials will be available for you to copy and use with the AWS CLI on your local machine. The extension does not collect data and credentials are viewable only once.

Extension stats

Users: 912 ▼ -37
Rating: 4.33 (3)
Version: 1.3.0 (Last updated: 2024-08-28)
Creation date: 2022-07-02
Risk impact: High risk impact
Risk likelihood: Moderate risk likelihood
Manifest version: 3
Permissions:
  • webRequest
  • storage
  • webNavigation
Host permissions:
  • https://signin.aws.amazon.com/saml
Size: 846.85K
URLs: Website

Other platforms

Not available on Firefox
Not available on Edge
Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.
Chrome-Stats extension

Extension summary

If you're using an external AWS account in AWS SSO, there is no way for you to retrieve the CLI credentials for the role. The workaround suggested by AWS is to use AWS CloudShell. This Credential Helper extension allows you to retrieve the CLI credentials by passing the SAML Assertion to AWS Security Token Service.

To use this extension:

  1. Click on the external AWS account you wish to log into
  2. Once the console opens, click on the extension and the popup will appear
  3. Your credentials will be available there for you to copy
  4. Copy the credentials to your local AWS credentials file
  5. Use the AWS CLI from your local machine

Note: This extension does not collect any data. The credentials are available to view only once and are deleted once the popup is closed.

User reviews

by Shivam Arora, 2024-10-15

While useful, the popup has a significant flaw when installed on Chrome 113.0.5672.127: the width of the popup prevents fully highlighting the displayed credentials. As a result, any attempt to highlight and copy the "export" credentials results in an incomplete session token, which translates to a malformed token in a user's session (eg., Ubuntu 20.04 terminal, PuTTY, etc.) Please consider either an overall scrollbar for this popup, or buttons for each type of credential output to aid in getting the full content into the user's clipboard for further use. The workaround of "select all" (Ctrl-A), then "copy" (Ctrl-C), then "paste" (Ctrl-V) into something like notepad, or an empty vim session so that a portion of the output can then be selected, copied, and pasted (again) is not an efficient workflow by any definition. To successfully migrate users to a new approach, something similar to the existing functionality should be maintained as a design goal.
by Larry Dolinar, 2023-06-12
View all user reviews

Extension safety

Risk impact

CloudKeeper - Credential Helper requires some sensitive permissions that could impact your browser and data security. Exercise caution before installing.

Risk likelihood

CloudKeeper - Credential Helper is probably trust-worthy. Prefer other publishers if available. Exercise caution when installing this extension.

Upgrade to see risk analysis details

Similar extensions

Here are some Chrome extensions that are similar to CloudKeeper - Credential Helper: