Skip to content

Allow login with master creds in environment #1150

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
mtibben merged 2 commits into from
Feb 21, 2023
Merged

Allow login with master creds in environment #1150

mtibben merged 2 commits into from
Feb 21, 2023

Conversation

@mtibben
Copy link
Member

@mtibben mtibben commented Feb 21, 2023

Use a federation token when master creds are sourced from the environment

Fixes #886

@mtibben mtibben mentioned this pull request Feb 21, 2023
Closed
@christophetd
Copy link
Contributor

christophetd commented Feb 21, 2023
edited
Loading

I tested this branch while being authenticated as an IAM role (after a successful aws-vault exec), and it doesn't seem to be working as I would expect:

$ aws-vault exec foo
$ aws sts get-caller-identity
{
    "UserId": "XXX:christophetd",
    "Account": "012345678912",
    "Arn": "arn:aws:sts::012345678912:assumed-role/admin/christophetd"
}
$ git checkout login-with-master-creds
$ go run . login
aws-vault: error: login: operation error IAM: GetUser, https response error StatusCode: 400, RequestID: 78c10110-6778-44cc-ac8a-e41ca01b3613, api error ValidationError: Must specify userName when calling with non-User credentials

christophetd
christophetd reviewed Feb 21, 2023
View reviewed changes
@mtibben
Copy link
Member Author

mtibben commented Feb 21, 2023

I tested this branch while being authenticated as an IAM role (after a successful aws-vault exec), and it doesn't seem to be working as I would expect:

@christophetd OK I think I fixed that now

@christophetd
Copy link
Contributor

christophetd commented Feb 21, 2023

Works well with env variables now! (it doesn't with --server or --ecs-server FWIW). Great stuff!

@mtibben mtibben merged commit f22295c into master Feb 21, 2023
@mtibben mtibben deleted the login-with-master-creds branch February 21, 2023 09:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@christophetd christophetd christophetd left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mtibben @christophetd