Enhancement Request: Ability to populate Configuration programatically

[ruelio]

I have written a Python script to pull and build account configuration text from AWS Organizations. Currently, I have to open the Configuration and manually paste in the updated list. Would like a way to add code to my Python to update the configuration within my code to make it a single call. Have not seen where this functionality might exist so please correct me if it does and point me to the docs. Thanks!

[tilfin]

The only way to control browser extensions from the OS side is to use Native Messaging. https://developer.chrome.com/docs/apps/nativeMessaging/

However, you need to register the program with the OS beforehand, and I don't know if it will work with Python.

AESR supports the Extension API, so it is possible to receive your configuration from another browser extension or OS native program with Native Messaging. https://github.com/tilfinltd/aws-extend-switch-roles#extension-api

If your original configuration is fetched from the web, you can implement a browser extension that sends the configuration to AESR in the background. https://github.com/tilfinltd/aws-extend-switch-roles/wiki/External-API#config-sender-extension

[ruelio]

Hey I appreciate the quick response. I’ll take a look into this to see if it is something I can tackle. I’m not in front of my computer right now but would you like me to close the issue if you haven’t done so already?

Chris..

Sent from my iPhone

On Jun 10, 2021, at 10:46 AM, Toshimitsu Takahashi @.***> wrote:

 The only way to control browser extensions from the OS side is to use Native Messaging. https://developer.chrome.com/docs/apps/nativeMessaging/

However, you need to register the program with the OS beforehand, and I don't know if it will work with Python.

AESR supports the Extension API, so it is possible to receive your configuration from another browser extension or OS native program with Native Messaging. https://github.com/tilfinltd/aws-extend-switch-roles#extension-api

If your original configuration is fetched from the web, you can implement a browser extension that sends the configuration to AESR in the background.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or unsubscribe.

[srhopkins]

Same request here, I have lots of clients that have lots of accounts and roles and would be nice to either populate dynamically or have a way to only display certain entries based off the context of the primary account or something. Let me know if there is any progress on this or if anyone has another suggestion to at least limit what I see in the drop down based on primary account.

Awesome product!

[saiaman]

The extension could load all organization accounts and look at actual sts assumeRole autorisations of current user…. Would be dynamic and better

[XargsUK]

@saiaman @srhopkins

I have two projects which kinda match what you are looking for.

I have a Lambda which creates the switch roles configurations using the organizations API. It also is able to assume role into other organizations to gather the account IDs to generate the config. The config is stored in S3. If you want me to pop up a repo with the script on,just let me know.

I've also been working on https://github.com/XargsUK/aesr-s3-config-sender/, which uses the AESR Config sender API to update the config. It authenticates using either Cognito or plain-old access/secret keys to get config from S3, and then pushes to AWS Extend Switch Roles. This is a work in progress, but it's functional. Feel free to check it out (pre-release package contains the cognito support).