awslabs / ssosync

Populate AWS SSO directly with your G Suite users and groups using either a CLI or AWS Lambda
Apache License 2.0
530 stars 182 forks source link

Fix fetching binary secrets #183

Open dancorne opened 8 months ago

dancorne commented 8 months ago

I'd originally opened https://github.com/awslabs/ssosync/pull/131 as a bugfix PR, but then deleted my fork which closed the PR without me realising 😅

The SDK already decodes from base64 automatically so this was attempting to decode again, which fails with the below error:

{"level":"fatal","msg":"cannot read config: illegal base64 data at input byte 0","time":"2023-05-02T08:04:04Z"} 

It looks like the SAM template uses only string secrets so I'm not sure many people would've hit this branch of logic, but we added one of the secrets as binary and SSOSync stopped working.

Resolves https://github.com/awslabs/ssosync/issues/130

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.