search

common-fate / granted

The easiest way to access your cloud.
https://granted.dev
MIT License
955 stars 90 forks source link

--profile flag does not initiate Common Fate JIT #668

Open shwethaumashanker opened 1 month ago

shwethaumashanker commented 1 month ago

--profile flag does not initiate Common Fate JIT when common_fate_url is added to the profile config

How to reproduce: 

[profile cf-demo]
granted_sso_start_url  = https:/example.com/start
granted_sso_region     = ap-southeast-2
granted_sso_account_id = 12345678910
granted_sso_role_name  = AdministratorAccess
region                 = ap-southeast-2
credential_process     = granted credential-process --profile cf-demo 
common_fate_url        = https://example.com
aws sts get-caller-identity --profile example

Error when retrieving credentials from custom-process: [✘] no access: operation error SSO: GetRoleCredentials, https response error StatusCode: 403, RequestID: 8e42b013-2bd7-4caa-a38d-b9a4xxxxxx, api error ForbiddenException: No access