SAML.to allows GitHub Users and Repositories to assume AWS IAM Roles.
The differences between other similar services and SAML to is:
- We do not maintain a database of users, passwords or tokens, we rely on GitHub to do so
- Relationship of Users and Roles is maintained in a Configuration File checked into a GitHub Repository
- We offer a Developer Friendly CLI and GitHub actions for assuming roles.
From individuals to enterprises. SAML.to works for anyone with one or more AWS Accounts, AWS Roles, GitHub Organizations, Teams and Users.
Yes! Trust Relationships can have multiple statements, meaning they can trust multiple identity providers. When adding SAML.to, add another statement to the Trust Relationship, leaving the existing statements unmodified.
The OpenID Connect feature for GitHub is exclusively for Repositories in GitHub Actions. SAML.to does this as well, in addition to:
- Allow Users to assume the same roles on their laptop with a developer friendly CLI
- Multiple Role Assumptions in a Single Action Run