search

victorskl / yawsso

Yet Another AWS SSO - sync up AWS CLI v2 SSO login session to legacy CLI v1 credentials
MIT License
302 stars 26 forks source link

yawsso doesn't recognize new-style SSO profiles #75

Closed asherber closed 1 year ago

asherber commented 1 year ago

I'm setting up a brand new machine, and it appears that AWS (I'm using CLI v2.9.1 on Windows) has introduced a new kind of SSO configuration since the last time I did this.

In short, by pulling some of the common SSO settings out into their own section in the config, AWS gains the ability to automatically refresh the SSO session credentials that may be used by different profiles.

This is causing problems with yawsso, which is looking for specific keys in the profile section.

Old-style config file

[profile my-profile]
sso_account_id = 12345
sso_role_name = BasicAccess
sso_start_url = https://example.com/start
sso_region = us-east-1

New-style config file

[sso-session MySession]
sso_start_url = https://example.com/start
sso_region = us-east-1
sso_registration_scopes = sso:account:access

[profile my-profile]
sso_session = MySession
sso_account_id = 12345
sso_role_name = BasicAccess
region = us-east-1
victorskl commented 1 year ago

Thanks for reporting. I will upgrade to latest AWS CLI and follow up.

asherber commented 1 year ago

To reproduce, delete your config file and start fresh with aws configure sso. Enter an SSO session name when prompted -- otherwise it will create a "legacy" config file that doesn't make use of sessions.

victorskl commented 1 year ago

(Apology, was away with early '22 holidays. Be back on 1.1.0 release milestone for start of 2023. ETA end Jan / early Feb)

victorskl commented 1 year ago

Hi there; sorry for delay. New year start with a bit of backlogs.

This is now avail for public review with rc1.

https://pypi.org/project/yawsso/1.1.0rc1/

pip install -U yawsso==1.1.0rc1

Nothing much. Just use yawsso as usual. It now recognise the new style sso-session config section. Still backward compatible at the same time.

I will test it myself a bit; these days. If all good, it will come GA when 1.1.0 milestone close.

gavllew commented 1 year ago

The RC is working for me, thanks!

victorskl commented 1 year ago

Thanks for testing and feedback

asherber commented 1 year ago

Sorry, didn't have time to look at this the last couple of days, but so far working fine today.

victorskl commented 1 year ago

Cool, thanks again for feedback. Work well over my end too, so far.

I will probably push it through other pending tickets; and we can make GA release over this weekend then.

victorskl commented 1 year ago

This is now released and GA. https://github.com/victorskl/yawsso/releases/tag/1.1.0

pip install -U yawsso==1.1.0