Currently, when using commands like aws configure sso or running tf shell --sso within Leverage, AWS profiles are created with additional suffixes such as "administrator" or "devops" in the aws config/credentials file. For example:
ptrn-management-administrator
ptrn-shared-devops
These suffixes are unnecessary and create inconsistencies, especially when referenced in Terraform configurations, such as terraform_remote_state or provider configurations. This results in profiles being written with extended names, which could be streamlined for better usability and consistency.
Expected Behavior
AWS profiles should be created without the extra suffixes in the aws config/credentials file.
For example, ptrn-management and ptrn-shared should be used instead of ptrn-management-administrator and ptrn-shared-devops.
Use Case
The current implementation causes confusion and additional complexity in Terraform configurations, especially when specifying profiles for remote state data sources and providers. By simplifying the profile naming convention, we can reduce redundancy, improve consistency, and make configurations cleaner.
Describe Ideal Solution
Modify the logic in the Leverage CLI to create AWS profiles without suffixes.
Ensure that the AWS profile names align with the base account names, such as ptrn-management or ptrn-shared, without any role-based suffixes.
Update any Terraform templates, documentation, and scripts within Leverage to reflect the simplified profile names.
Alternatives Considered
Retaining the existing suffixes for clarity on roles (e.g., "administrator" or "devops"), but this increases configuration complexity and redundancy.
Implementing conditional logic to dynamically adjust profile references in Terraform configurations, though this approach adds unnecessary complexity.
Additional Context
This change impacts all layers, so it will require a coordinated update across configurations and documentation.
The current naming convention is a legacy from the MFA setup and should be revised to fit the streamlined SSO configuration.
Describe the Feature
Currently, when using commands like
aws configure ssoor runningtf shell --ssowithin Leverage, AWS profiles are created with additional suffixes such as "administrator" or "devops" in theaws config/credentialsfile. For example:ptrn-management-administratorptrn-shared-devopsThese suffixes are unnecessary and create inconsistencies, especially when referenced in Terraform configurations, such as
terraform_remote_stateor provider configurations. This results in profiles being written with extended names, which could be streamlined for better usability and consistency.Expected Behavior
aws config/credentialsfile.ptrn-managementandptrn-sharedshould be used instead ofptrn-management-administratorandptrn-shared-devops.Use Case
The current implementation causes confusion and additional complexity in Terraform configurations, especially when specifying profiles for remote state data sources and providers. By simplifying the profile naming convention, we can reduce redundancy, improve consistency, and make configurations cleaner.
Describe Ideal Solution
ptrn-managementorptrn-shared, without any role-based suffixes.Alternatives Considered
Additional Context