Analysis updated 2026-07-05 · repo last pushed 2023-06-01
Log into AWS from the terminal using Okta or JumpCloud without manually fetching tokens.
Run AWS CLI commands like listing servers or uploading files with credentials managed automatically in the background.
Switch between multiple AWS roles by selecting from a prompt when running a command.
| moritzheiber/crowbar | restsend/pipa | cesarferreira/tmux.expose | |
|---|---|---|---|
| Stars | 35 | 32 | 41 |
| Language | Rust | Rust | Rust |
| Last pushed | 2023-06-01 | — | — |
| Maintenance | Dormant | — | — |
| Setup difficulty | moderate | easy | easy |
| Complexity | 2/5 | 4/5 | 2/5 |
| Audience | ops devops | developer | developer |
Figures from each repo's GitHub metadata at analysis time.
Requires configuration of your identity provider details (username, provider URL, AWS app URL) and an installed AWS CLI tool on your system.
If your company uses AWS for cloud infrastructure, you probably log in through a corporate identity provider like Okta or JumpCloud rather than typing in a raw AWS password. Crowbar is a tool that makes this process smooth from the command line. It handles the back-and-forth of authenticating with your identity provider and generating the temporary credentials you need to run AWS commands, so you don't have to manually fetch and paste tokens every time your access expires. When you set up a profile, you give the tool your username, your identity provider, and the URL for your AWS app. When you run an AWS command, it pings your identity provider, asks for your password, and prompts you for multi-factor authentication (MFA), like a push notification or a code from an authenticator app. Once you're verified, it fetches temporary security credentials and hands them directly to the AWS command-line tool. If you have multiple AWS roles available, it will ask you to pick which one you want to use. The standout feature is how it handles your sensitive data. Many similar tools save your session tokens and credentials in plain text files on your computer's hard drive. This tool avoids that entirely. Instead, it stores your credentials securely in your operating system's built-in secure keystore (like macOS's Keychain). This means a malicious program snooping around your files won't find your AWS credentials lying around. This is built for developers, system administrators, or anyone who needs to interact with AWS resources from their terminal. For example, if you need to list your company's servers or upload files to a storage bucket, you can run a standard AWS command, and this tool will silently manage the authentication in the background. It integrates directly with the AWS command-line tool, so once it's configured, you barely notice it's there. Right now, it supports Okta (with several MFA options like push notifications and text messages) and JumpCloud. The project is actively working toward adding support for ADFS and WebAuthn security keys. It works across macOS, Windows, and Linux, and you can install it through popular package managers like Homebrew or Chocolatey.
A command-line tool that logs you into AWS through corporate identity providers like Okta or JumpCloud, fetching temporary credentials on demand and storing them securely in your OS keychain.
Mainly Rust. The stack also includes Rust, AWS CLI.
Dormant — no commits in 2+ years (last push 2023-06-01).
No license is mentioned in the explanation, so the default terms of copyright apply, you may not be able to use, modify, or distribute this code without permission from the author.
Setup difficulty is rated moderate, with roughly 30min to a first successful run.
Mainly ops devops.
This repo across BitVibe Labs
Verify against the repo before relying on details.