AWS, Python CLI Configuration for shibboleth 2FA authentication

Step By Step Guide to installing and using the SAML plugin for AWS logins via UIUC Shibboleth using Duo 2 factor authentication.

1. Patch and Install system packages:

Amazon Linux:
sudo yum update
sudo yum install python3-virtualenv git
Ubuntu 18.04:
sudo apt update
sudo apt upgrade
sudo apt install python3-venv python3-dev gcc

2. Create and activate a Python 3 virtual environment:

mkdir -p ~/.virtualenvs/uiuc
python3 -mvenv ~/.virtualenvs/uiuc
source ~/.virtualenvs/uiuc/bin/activate

3. Install Python dependencies:

pip install --upgrade pip wheel setuptools
pip install awscli boto3 awscli_login keyrings.alt

4. Configure AWS CLI and log in:

aws configure
Default region name: us-east-2
Default output format: json


aws configure
aws configure set plugins.login awscli_login
aws login configure
aws login


ECP Endpoint URL [None]: https://shibboleth.illinois.edu/idp/profile/SAML2/SOAP/ECP