CloudKeeper - Credential Helper

AWS SSO External AWS Account - STS Keys Generator

What is CloudKeeper - Credential Helper?

CloudKeeper - Credential Helper is a Chrome extension that enables the retrieval of AWS CLI credentials for external AWS accounts in AWS SSO by passing the SAML Assertion to AWS Security Token Service. Simply click on the extension while logged into the desired external AWS account, and the credentials will be available for you to copy and use with the AWS CLI on your local machine. The extension does not collect data and credentials are viewable only once.

Download

Stats

By: To The New Pvt. Ltd.

View on Chrome Web Store

Users: 733 ▲ 21

Rating: 4.00 (2)

Version: 1.3.0 (Last updated: 2024-02-05)

Creation date: 2022-07-02

Risk impact: High risk impact

Risk likelihood: Moderate risk likelihood

Manifest version: 3

Permissions:

webRequest
storage
webNavigation

Host permissions:

https://signin.aws.amazon.com/saml

Size: 846.85K

Email: ad*****@tothenew.com

URLs: Website

Stats date:

Chrome-Stats Rank

# 33375 ▲ 259

Other rankings

#6071 in Developer Tools ▲ 37

Other platforms

Not available on Firefox

Not available on Edge

Want to check extension ranking and stats more quickly for other Chrome extensions? Install Chrome-Stats extension to view Chrome-Stats data as you browse the Chrome Web Store.

Summary

Analyze keywords

If you're using an external AWS account in AWS SSO, there is no way for you to retrieve the CLI credentials for the role. The workaround suggested by AWS is to use AWS CloudShell. This Credential Helper extension allows you to retrieve the CLI credentials by passing the SAML Assertion to AWS Security Token Service.

To use this extension:

Click on the external AWS account you wish to log into
Once the console opens, click on the extension and the popup will appear
Your credentials will be available there for you to copy
Copy the credentials to your local AWS credentials file
Use the AWS CLI from your local machine

Note: This extension does not collect any data. The credentials are available to view only once and are deleted once the popup is closed.

User reviews

While useful, the popup has a significant flaw when installed on Chrome 113.0.5672.127: the width of the popup prevents fully highlighting the displayed credentials. As a result, any attempt to highlight and copy the "export" credentials results in an incomplete session token, which translates to a malformed token in a user's session (eg., Ubuntu 20.04 terminal, PuTTY, etc.) Please consider either an overall scrollbar for this popup, or buttons for each type of credential output to aid in getting the full content into the user's clipboard for further use. The workaround of "select all" (Ctrl-A), then "copy" (Ctrl-C), then "paste" (Ctrl-V) into something like notepad, or an empty vim session so that a portion of the output can then be selected, copied, and pasted (again) is not an efficient workflow by any definition. To successfully migrate users to a new approach, something similar to the existing functionality should be maintained as a design goal.

Larry Dolinar, 2023-06-12

View all user reviews

Safety

Risk impact

CloudKeeper - Credential Helper is risky to use as it requires a number of sensitive permissions that can potentially harm your browser and steal your data. Exercise caution when installing this extension. Review carefully before installing. We recommend that you only install CloudKeeper - Credential Helper if you trust the publisher.