disneystreaming / smithy4s

https://disneystreaming.github.io/smithy4s/

AWS: credentials don't include SSO #633

Open kubukoz opened 1 year ago

kubukoz commented 1 year ago

If your organization uses aws sso for authentication, the documented "credential chain" isn't enough - you need to look at files in ~/.aws/sso/cache/*.json.

Smithy4s doesn't implement that: I think it should be supported, as aws sso login doesn't write to ~/.aws/credentials or otherwise export a token into the environment. Tools like awscli2 seem to be reading from that cache directory.
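An added example (not smithy4s code and not written by anyone in this thread) of what a reader of `~/.aws/sso/cache/*.json` has to do: skip unrelated or stale files and return the freshest unexpired token. The `accessToken` and `expiresAt` field names, the `Z`/`UTC` timestamp suffixes and the owner-only permission check are assumptions of this example; all function names are hypothetical and the cache contents are constructed.

```python
import json
import stat
import tempfile
from datetime import datetime, timezone
from pathlib import Path

def parse_expiry(value):
    # Assumption: expiresAt is an ISO-8601 UTC timestamp ending in "Z" or "UTC".
    for suffix in ("UTC", "Z"):
        if value.endswith(suffix):
            value = value[: -len(suffix)]
    return datetime.fromisoformat(value).replace(tzinfo=timezone.utc)

def find_sso_token(cache_dir, now=None):
    """Return (path, token_dict) for the freshest unexpired token, or None."""
    now = now or datetime.now(timezone.utc)
    best = None
    for path in sorted(Path(cache_dir).glob("*.json")):
        try:
            # Added hardening (POSIX): skip files readable by group or other,
            # since the file holds a bearer token.
            if stat.S_IMODE(path.stat().st_mode) & 0o077:
                continue
            data = json.loads(path.read_text())
            expires = parse_expiry(data["expiresAt"])
        except (OSError, ValueError, KeyError, TypeError, AttributeError):
            continue  # unreadable, malformed, or not a token file
        # Other JSON files in the directory may lack accessToken; skip them.
        if "accessToken" not in data or expires <= now:
            continue
        if best is None or expires > best[2]:
            best = (path, data, expires)
    return None if best is None else best[:2]

def demo():
    # Constructed cache contents; token values are placeholders.
    now = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
    files = {
        "other.json": ({"clientId": "c", "expiresAt": "2024-03-01T00:00:00Z"}, 0o600),
        "expired.json": ({"accessToken": "OLD", "expiresAt": "2023-12-31T00:00:00UTC"}, 0o600),
        "valid.json": ({"accessToken": "VALID", "expiresAt": "2024-01-01T20:00:00Z"}, 0o600),
        "loose.json": ({"accessToken": "LOOSE", "expiresAt": "2024-01-02T00:00:00Z"}, 0o644),
    }
    with tempfile.TemporaryDirectory() as d:
        for name, (body, mode) in files.items():
            Path(d, name).write_text(json.dumps(body))
            Path(d, name).chmod(mode)
        path, token = find_sso_token(d, now)
        return path.name, token["accessToken"]
```

The value returned is a secret bearer token, so a provider built this way should never log it or include it in error messages.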

kubukoz commented 1 year ago

Apparently awscli2 does that, but only some SDKs do...

There's also credential_process - that'd work for me as well, although I'd need to hack some process up or use aws-sso-util. Not sure what's worse to do in smithy4s: running an executable or reading files from disk... but credential_process will probably have to be supported in the longer term.

ref: https://github.com/aws/aws-cli/issues/4982

Baccata commented 1 year ago

We've never made any promise as to what credentials we'd be supporting. It's also worth noting we're not supporting ~/.aws/credentials either.

The point of the AWS module is to cross compile work across the different platforms, and I'm not sure running an executable fits that.

Baccata commented 1 year ago

@kubukoz considering @daddykotex has added support for a file-based credentials provider now, I'm okay with this being added in a similar fashion.

kubukoz commented 1 year ago

Tbh I don't need it anymore as my org switched to a solution that uses the credentials file 😅 shall we keep it open if anyone else is interested in implementing this in the future?

Baccata commented 1 year ago

🤷‍♂️ sure