Closed jtgasper3 closed 1 year ago
I took a stab at it, but I'm not much of a Golang dev, so feel free to change or request changes.
PR #17
@jtgasper3 do you have an example implementation of this I can test this out on?
@jaxxstorm,
My apologies for not responding earlier. I missed your request/message until the "Close" message bubbled it up in my inbox again.
If it is still helpful:
[profile ro]
sso_session = east-sso
sso_account_id = 123456
sso_role_name = ReadOnly
region = us-east-1
output = json
[profile admin]
sso_session = east-sso
sso_account_id = 123456
sso_role_name = AdminAccess
region = us-east-1
output = json
[sso-session company-sso]
sso_start_url = https://company-sso.awsapps.com/start
sso_region = us-east-1
Having the same issue with this config when running aws-sso-creds get --profile dev
with version 1.4.0
`` [profile dev] sso_start_url = https://company.awsapps.com/start#/ sso_region = ap-northeast-1 sso_session = my-sso sso_account_id = XXXXXXXXXX sso_role_name = AWSAdministratorAccess region = ap-northeast-1 output = json
[sso-session my-sso] sso_start_url = https://company.awsapps.com/start#/ sso_region = ap-northeast-1 sso_registration_scopes = sso:account:access
[profile prod] sso_session = my-sso sso_account_id = XXXXXXXXX sso_role_name = AWSAdministratorAccess region = ap-northeast-1 output = json ``
@vfilter if you move the session above the profile, does it work?
@jaxxstorm, I made a small improvement in the way aws-sso-creds merges SSO options from profile
& sso-session
to follow the AWS CLI behavior more closely. The order of these sections in the config should not matter too. Would you mind taking a look at #32?
As I mentioned in the PR, a much better approach would be to upgrade to aws/aws-sdk-go-v2 since it supports CLI v2 SSO options and can handle the SSO token cache itself. But it's too big of a task for me to take right now.
Looks great @uvw thanks for the contribution!
Wow that was quick, @jaxxstorm! 👍 Thank you for accepting the PR!
Getting an error:
Error: error retrieving SSO config: no SSO url in profile: admin
The missing settings are in the "shared" config in the
sso-session
section of the file and are inherited by the profile via thesso_session
property.See: