Adds support for the upcoming changes in the "IAM Role Refresh" project which involves splitting the AWS Okta application to one per account instead of one for all account.
This impacts some logic in the STS script since we are now not proxying from the tools account.
The changes in this PR enable to get the STS token for both the previous setup and the new setup.
there are BREAKING CHANGES, the configuration accounts were previously defined as:
The compatibility is maintained by falling back to the config.idpEntryUrl and doing the proxy thing if the account does not have the idpEntryUrl key defined.
Adds support for the upcoming changes in the "IAM Role Refresh" project which involves splitting the AWS Okta application to one per account instead of one for all account.
This impacts some logic in the STS script since we are now not proxying from the tools account.
The changes in this PR enable to get the STS token for both the previous setup and the new setup.
there are BREAKING CHANGES, the configuration accounts were previously defined as:
and now, the account items were upgraded to an object, with fields
accountNumber
andidpEntryUrl
.The compatibility is maintained by falling back to the
config.idpEntryUrl
and doing the proxy thing if the account does not have theidpEntryUrl
key defined.