I'm working on a tool that helps users manage their AWS resources on their own computers. Before the tool can start handling the users' resources, it needs to get hold of their AWS access credentials. Is there a way I can walk them through a login process using a web browser to obtain these credentials?
I'd rather not use the AWS CLI so that we can keep the steps needed for using this tool to a minimum.
I've learned a few methods, like AssumeRole. It seems that I need to log in to my account first. However, it's not possible to log in to my account on the users' machine.
I'm curious about how serverless framework is implemented. AWS Credentials - Serverless
It's likely you could use IAM Identity Centre, which was previously known as Single Sign On (SSO). This can provide users a single pane of glass to sign into accounts.
https://aws.amazon.com/what-is/sso/
Should that not fit your specific needs, there is a list of different sign in apps here which you can evaluate:
https://aws.amazon.com/products/security/