POC: Single Sign-On

[simonireilly]

This Proof of Concept for Single Sign On introduces the aws-sdk for javascript v3 credential provider for nodejs.

closes: #679

Questions

• The AWS-SDK v3 suitable for the project in this use case?
  • Documentation: https://docs.aws.amazon.com/AWSJavaScriptSDK/v3/latest/modules/_aws_sdk_credential_provider_node.html
• Is there any required integration testing?

Usage

Continues to support all authentication methods.

Breaking change :boom:

• Previous code had --profile as top priority; the aws package ranks this as fourth ranking for sign-in is:

1. Environment variables exposed via process.env
2. SSO credentials from token cache
3. Web identity token credentials
4. Shared credentials and config ini files
5. The EC2/ECS Instance Metadata Service

Breaking change :boom:

With given config

# ~/.aws/config
[profile dev]
sso_start_url = "https://my-sso-portal.awsapps.com/start"
sso_region = "us-east-1"
sso_account_id = "123456789011"
sso_role_name = "Developer"
region = "us-west-2"
output = "json"

Auth first, then sls-dev-tools will find the SSO creds.

aws sso login --profile dev
sls-dev-tools --profile dev