Support filtering roles that contain a path

tilfinltd / aws-extend-switch-roles

Extend your AWS IAM switching roles by Chrome extension, Firefox add-on, or Edge add-on

https://goo.gl/0QFjow

MIT License

1.31k stars 140 forks source link

Support filtering roles that contain a path #344

Open dblackhall-tyro opened 3 weeks ago

dblackhall-tyro commented 3 weeks ago

In my organisation some roles have been created with paths: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names

This PR extends the matching logic to match on roles with a path

tilfin commented 3 weeks ago

I believe we need to modify the filterByTargetRole generation process. It doesn't seem to work correctly when the path consists of multiple parts. For instance, if a role path is structured like /company/dept/roleName, the current implementation might not handle it properly.

Additionally, when logging in with federated credentials, does the Management Console display usernames with paths that consist of multiple parts?

Example:

Role path: /company/dept/
Username displayed in the Management Console: company/dept/roleName

dblackhall-tyro commented 3 weeks ago

I believe we need to modify the filterByTargetRole generation process. It doesn't seem to work correctly when the path consists of multiple parts. For instance, if a role path is structured like /company/dept/roleName, the current implementation might not handle it properly.

Going back and looking at the code again I think I understand what you mean. Should I move the logic into the convertComplexTarget function?

Additionally, when logging in with federated credentials, does the Management Console display usernames with paths that consist of multiple parts?

This I can be helpful with. The management console displays only the roleName e.g roleName/dblackhall@example.com