search

rkoval / alfred-aws-console-services-workflow

A powerful workflow for quickly opening up AWS Console Services in your browser or searching for entities within them.
MIT License
312 stars 54 forks source link

add profile changing (persists across queries) #36

Open rkoval opened 3 years ago

rkoval commented 3 years ago

original issue: https://github.com/rkoval/alfred-aws-console-services-workflow/issues/29

MacHu-GWU commented 3 years ago

@rkoval Hi, I find out that your solution is to use @ to choose which named profile to use. However, you need to enter @ everytime you want to use a named profile.

I create a Workflow that can update ~/.aws/credentials and ~/.aws/config on the file and set one of the named profile as DEFAULT. Then you no longer need to do @ over and over again. I think it is a good company for your workflow

The workflow is here https://github.com/MacHu-GWU/afwf_aws_tools-project

BTW, I used to use this workflow for exactly same thing your workflow does - jump to different console and list resources like ec2 / s3. But I believe your workflow is awesome, so I deleted all my Alfred Keyword from my workflow and only keep the aws-set-default-profile keyword for better using your workflow.

Nice work bro!

rkoval commented 3 years ago

thanks for the suggestion here! this issue is to track the task for adding support for making it so profile persist across invocations. this will be implemented internally at.. some point. however, globally modifying the config/credentials file on disk seems a bit error prone and outside of the scope for alfred-aws-console-services-workflow, though it's cool that your supports that. i will likely utilize AWS_PROFILE env vars for this, as alfred supports persisting them and that's an officially supported way that the aws sdks allow for switching between them

MacHu-GWU commented 3 years ago

@rkoval I know it is a temp solution, looking forward to seeing you officially support that.

BTW, another case would be MFA. Some organizations force MFA using any AWS API key, you need to run some aws sts ... six-digits-token-from-your-phone commands and manually copy and paste the response into the ~/.aws/credentials file, which is very annoying. (See how to do it correctly https://aws.amazon.com/premiumsupport/knowledge-center/authenticate-mfa-cli/)

I think this is a good feature to add to this workflow.

I implement it https://github.com/MacHu-GWU/afwf_aws_tools-project as a temporary solution. Looking forward to seeing this feature is added to your workflow, of course, not a in-place-editing but a in-memory-cache version of implementation

Thank you for your great work bro.

rkoval commented 3 years ago

BTW, another case would be MFA. Some organizations force MFA using any AWS API key, you need to run some aws sts ... six-digits-token-from-your-phone commands and manually copy and paste the response into the ~/.aws/credentials file, which is very annoying. (See how to do it correctly https://aws.amazon.com/premiumsupport/knowledge-center/authenticate-mfa-cli/)

ahh, thanks for the heads up. i wasn't aware AWS allowed you to do this. issue for tracking this here: https://github.com/rkoval/alfred-aws-console-services-workflow/issues/45