awslabs / ssosync

Populate AWS SSO directly with your G Suite users and groups using either a CLI or AWS Lambda
Apache License 2.0
525 stars 181 forks source link

SSOSync fails to get binary secrets #130

Closed dancorne closed 7 months ago

dancorne commented 1 year ago

Describe the bug If any of the secrets for the Lambda are stored as binary rather than strings, SSOSync stops working with the following error:

{"level":"fatal","msg":"cannot read config: illegal base64 data at input byte 0","time":"2023-05-02T08:04:04Z"} 

To Reproduce Update one of the secrets to use binary rather than string, eg with the command:

aws secretsmanager update-secret --secret-id SSOSyncGoogleCredentials --secret-binary $(cat credentials.json | base64)

Expected behavior SSOSync fetches the secret and continues to run.

ChrisPates commented 7 months ago

This request has been merged with related one under a single feature request [Expand the Options for storing the sensitive parameters to include binaray secrets and SSM Parameter Store #180](https://github.com/awslabs/ssosync/issues/180]. Please review and add any specific requirements you feel it doesn't address.