Open AndrewCopeland opened 5 years ago
As a consumer, this would be valuable. Currently this is a difference with the Ruby library that makes custom (and even providers like IAM) a bit impractical to use.
@AndrewCopeland / @MTNPCGCG: I can prioritize this next time I'm working on this in the next week or two but it looks a bit of a beefy feature so I can't make any promises yet. Feel free to open a PR if you would like to contribute until then.
Hi there, any new thougths on this issue? It would be great to be able to use this authn-iam using both conjur-api-python3 and https://github.com/davidmuller/aws-requests-auth#aws-api-gateway-example-with-iam-authentication-and-boto-automatic-credentials Thanks :)
Hey @JfcAtCyberArk, I haven't had much available time to work on this lately so apologies for that but I think we have a new repo with specialized code for this now here. I'm not quite sure about what/how the repo works but it seems like it would fit your use case until we get this functionality integrated into the repo directly.
PS: It would be great to hear feedback on it if you do try it out
Hi @sgnn7, Thanks a lot for your advice, the specialized repo worked like a charm! I would encourage anyone trying to use auth-iam to use this repo as it automates many tasks while giving the ability to take a look at bits and bytes in the source code. Thanks again JFC
Add the ability to the cli and api client to support a flag such as:
Where the
--authn
flag should support both iam and k8s and when this flag is provided a-p
should not be required. If the--authn
is provided then the--authn-id
will also be required since this is used to authenticate correctly.The main difference between the authenticators is just the 'authenticate' endpoint being used, the rest of the cli/api client should remain unchanged.