Add SSO profile support for AWS key vault

narenaryan / whispr

A multi-vault secret injection tool for safely injecting secrets into app environment

MIT License

97 stars 1 forks source link

Open narenaryan opened 1 month ago

narenaryan commented 1 month ago

Right now, AWS vault implementation doesn't support SSO as it requires a profile to configure.

The feature should extend existing configuration to add sso_profile and use it for fetching secrets.

narenaryan commented 3 weeks ago

Here is a plan to implement it:

Have a new, optional sso_profile parameter in Whispr config to take a SSO profile name when vault: aws
Use this value to set an environment variable called "AWS_DEFAULT_PROFILE" in Whispr app context
To test, perform aws sso login --profile
whispr run 'command'

That should conclude this feature.