cevoaustralia / aws-google-auth

Provides AWS STS credentials based on Google Apps SAML SSO auth (what a jumble!)
MIT License

Role parameter ignored when trying to login #223

Open brunomfcabral opened 3 years ago

brunomfcabral commented 3 years ago

Hey folks, hope you're doing great

This is my first time using aws-google-auth and I'm running into some unexpected behaviour (probably because of something I am doing wrong haha)

I'm on version 0.0.37 installed via pip3

So I'm trying to log in using:

aws-google-auth -u $GOOGLE_USERNAME \
-R $AWS_REGION \
-I $GOOGLE_IDP_ID \
-S $GOOGLE_SP_ID \
-r $AWS_ROLE_ARN \
-p $AWS_PROFILE

Where AWS_ROLE_ARN is: [image]

But for some reason it ignores this role I am passing as an argument and prompts me to choose one role that does not exist in my organization as the only option: [image]

And then, when I choose this (wrong) option, I get an access denied error: "An error occurred (AccessDenied) when calling the AssumeRoleWithSAML operation: Not authorized to perform sts:AssumeRoleWithSAML", which is expected...

Any ideas of why this might be happening? Any help will be much appreciated!

Cheers
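
A diagnostic sketch for the situation reported above, added here as an example; it is not part of the original post and not aws-google-auth's own code. AWS takes the roles a SAML login may assume from the assertion's `https://aws.amazon.com/SAML/Attributes/Role` attribute, so this lists the role/provider pairs in a base64 `SAMLResponse` and checks whether a requested role ARN is among them. The function names, sample assertion, account IDs and role names are constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

# Attribute AWS uses to carry the assumable roles in a SAML assertion.
ROLE_ATTR = "https://aws.amazon.com/SAML/Attributes/Role"
NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}


def offered_roles(saml_response_b64):
    """Return {role_arn: provider_arn} found in a base64 SAMLResponse."""
    # Diagnostic use on your own IdP's response; prefer defusedxml for untrusted XML.
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    roles = {}
    for attr in root.iterfind(".//saml:Attribute", NS):
        if attr.get("Name") != ROLE_ATTR:
            continue
        for value in attr.iterfind("saml:AttributeValue", NS):
            # Each value is "role ARN,provider ARN"; the order is not fixed.
            parts = [p.strip() for p in (value.text or "").split(",")]
            role = next((p for p in parts if ":role/" in p), None)
            provider = next((p for p in parts if ":saml-provider/" in p), None)
            if role and provider:
                roles[role] = provider
    return roles


def check_requested_role(saml_response_b64, requested_arn):
    """Return (is_offered, sorted list of role ARNs in the assertion)."""
    roles = offered_roles(saml_response_b64)
    return requested_arn in roles, sorted(roles)


# Constructed sample assertion: it offers one role, not the one requested below.
SAMPLE_XML = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
 xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><saml:Assertion>
 <saml:AttributeStatement><saml:Attribute Name="https://aws.amazon.com/SAML/Attributes/Role">
 <saml:AttributeValue>arn:aws:iam::111111111111:role/Legacy,arn:aws:iam::111111111111:saml-provider/Google</saml:AttributeValue>
 </saml:Attribute></saml:AttributeStatement></saml:Assertion></samlp:Response>"""
SAMPLE_B64 = base64.b64encode(SAMPLE_XML.encode()).decode()

if __name__ == "__main__":
    ok, offered = check_requested_role(
        SAMPLE_B64, "arn:aws:iam::222222222222:role/Admin")
    print("requested role offered:", ok)
    print("roles in assertion:", offered)
```

If the requested ARN is missing from the list, the role mapping configured for the user on the identity provider side is the place to look, since `AssumeRoleWithSAML` only accepts role/provider pairs present in the assertion.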