Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Values from session block does not get exported when using --export-sso-token #577

Closed
cedieio opened this issue Dec 20, 2023 · 0 comments
Closed

Values from session block does not get exported when using --export-sso-token #577

cedieio opened this issue Dec 20, 2023 · 0 comments

Comments

@cedieio
Copy link
Contributor

cedieio commented Dec 20, 2023
edited
Loading

When using session on ~/.aws/config the sso_start_url is not exported on the credentials under ~/.aws/sso/cache/

e.g.

[sso-session test-session]
sso_region = ap-southeast-2
sso_registration_scopes = sso:account:access
sso_start_url = https://test/start#

[profile test-profile]
common_fate_generated_from = aws-sso
sso_account_id =000000000
sso_role_name = test-role

When running assume test-profile --export-sso-token

It gives the following credentials

{
   "accessToken"some_access_token",
   "expiresAt":"2023-12-20T19:31:16+10:00",
   "ssoSessionName":"test-session",
   "startUrl":"",
   "region":""
}
cedieio added a commit to cedieio/granted that referenced this issue Dec 20, 2023
@cedieio
Fix export lookup values when exporting credentials
750e0e8 
When `session` is present on the config it should be where
we get the `start_url` and `region`. Most configs will not
have said config under `profile` if they have a session block.
Session block takes priority for the configuration as it's considered
as it's connecting profiles together.

Fix for common-fate#577
@cedieio cedieio mentioned this issue Dec 20, 2023
Merged
shwethaumashanker pushed a commit that referenced this issue Dec 27, 2023
@cedieio
Fix export lookup values when exporting credentials (#578)
a7bbfd3 
* Fix export lookup values when exporting credentials

When `session` is present on the config it should be where
we get the `start_url` and `region`. Most configs will not
have said config under `profile` if they have a session block.
Session block takes priority for the configuration as it's considered
as it's connecting profiles together.

Fix for #577

* Adjust the logic for override

Override the sso_start_url if it's empty and have a proper session
block.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cedieio @shwethaumashanker