search

rkoval / alfred-aws-console-services-workflow

A powerful workflow for quickly opening up AWS Console Services in your browser or searching for entities within them.
MIT License
314 stars 54 forks source link

SSO as base profile in credentials/config file #69

Open Nizari opened 1 year ago

Nizari commented 1 year ago

Hi @rkoval,

First of thank you for the best alfred plugin that I know!

A question: Is it possible to use sso in combination with this workflow? I have something like below. I dont have this in my credentials file because I don't have credentials. How could I use your workflow in combination?

# file .aws/config

[profile main]
sso_session = mysso
sso_account_id = 123456789
sso_role_name = AWSAdministratorAccess
region = eu-central-1
output = json
cli_pager=

[sso-session mysso]
sso_start_url = https://example.awsapps.com/start
sso_region = eu-central-1
sso_registration_scopes = sso:account:access
duration_seconds=1800
hoto commented 11 months ago

You could try to populate your ~/.ssh/credentials file by running aws configure export-credentials --profile myprofile then piping that through some text processor (awk maybe) and into your creds file. You'd have to run that every time your sso creds expire though.

https://awscli.amazonaws.com/v2/documentation/api/latest/reference/configure/export-credentials.html

chuan29812 commented 3 months ago

maybe a long shot, i have a script that would populate and refresh my credentials, however, when my credential file is populated with SSO, using the aws command takes me to the right service and region, but never the right account. Any idea?