search

rkoval / alfred-aws-console-services-workflow

A powerful workflow for quickly opening up AWS Console Services in your browser or searching for entities within them.
MIT License
312 stars 54 forks source link

SSO as base profile in credentials/config file #69

Open Nizari opened 10 months ago

Nizari commented 10 months ago

Hi @rkoval,

First of thank you for the best alfred plugin that I know!

A question: Is it possible to use sso in combination with this workflow? I have something like below. I dont have this in my credentials file because I don't have credentials. How could I use your workflow in combination?

# file .aws/config

[profile main]
sso_session = mysso
sso_account_id = 123456789
sso_role_name = AWSAdministratorAccess
region = eu-central-1
output = json
cli_pager=

[sso-session mysso]
sso_start_url = https://example.awsapps.com/start
sso_region = eu-central-1
sso_registration_scopes = sso:account:access
duration_seconds=1800
hoto commented 8 months ago

You could try to populate your ~/.ssh/credentials file by running aws configure export-credentials --profile myprofile then piping that through some text processor (awk maybe) and into your creds file. You'd have to run that every time your sso creds expire though.

https://awscli.amazonaws.com/v2/documentation/api/latest/reference/configure/export-credentials.html

chuan29812 commented 4 weeks ago

maybe a long shot, i have a script that would populate and refresh my credentials, however, when my credential file is populated with SSO, using the aws command takes me to the right service and region, but never the right account. Any idea?