Skip to content

contino/docker-okta-aws

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

27 Commits
Dockerfile
Dockerfile
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
awscli
awscli
 
 

Repository files navigation

Docker Okta

Containerised Okta CLI with Python AWS sdks installed.

Usage

The below 2 examples assume that you will be utilising a configuration file.

Docker

Run as a command:

docker run --rm -v ~/.okta/config.properties:/root/.okta/config.properties -v ~/.aws:/root/.aws contino/okta-aws

Docker-Compose

Using docker-compose:

okta:
  image: contino/okta-aws
  volumes:
    - ~/.okta/config.properties:/root/.okta/config.properties
    - ~/.aws:/root/.aws

And run docker-compose run okta to be prompted with username and password.

Bash

Can also set as a bash function and placed in your ~/.bashrc or equivalent for quick access, with a configuration file:

function okta() {
  docker run --rm -it -v ~/.okta/config.properties:/root/.okta/config.properties -v ~/.aws:/root/.aws contino/okta-aws;
}

Then run okta on your terminal to be prompted.

Configuration

Please see Okta for further details.

Environment Variables

Here are some quick environment variables to get you started:

  • OKTA_ORG - Name of your organisation in Okta settings. Must be set.
  • OKTA_AWS_APP_URL - Your unique application URL. Must be set.
  • OKTA_AWS_ROLE_TO_ASSUME - The initial role to assume if found, otherwise will prompt with list (default: '')
  • OKTA_AWS_DEFAULT_REGION - The region your Okta login is to take place in (default: 'ap-southeast-2')
  • OKTA_USERNAME - Your personal Okta username, if not set will be prompted to enter in manually
  • OKTA_AWS_PROFILE - Custom name for the okta profile to use (default: 'default')

If requiring an assume role after your primary Okta login, these variables can be used to automatically assume into the role desired:

  • AWS_ASSUME_ROLE_ARN - The full ARN of the account and role you wish to assume into after Okta authentication
  • AWS_ASSUME_SESSION_NAME - Custom session name to be used in assuming (default: 'OktaAssumeRole')

Configuration File

If wanting to store all configuration for Okta in a static file instead, you have the functionality to bind mount a configuration file directly into the container. See below example of what it can look like.

Save below contents in a file located ~/.okta/config.properties:

OKTA_ORG=my-org.okta.com
OKTA_AWS_APP_URL=https://my-org.okta.com/home/amazon_aws/123456789

Build

Update the OKTA_VERSION in both Makefile and Dockerfile. Then run:

make build

Docker Hub will automatically trigger a new build.

Related Projects

About

containerised Okta SSO with AWS STS

Resources

Readme
Activity
Custom properties

Stars

9 stars

Watchers

193 watching

Forks

4 forks
Report repository

Releases 2

1.0.10 Latest
Apr 8, 2019
+ 1 release

Packages

No packages published

Contributors 6

Languages