Yet Another AWS SSO - sync up AWS CLI v2 SSO login session to legacy CLI v1 credentials
Project description
yawsso
Yet Another AWS SSO - sync up AWS CLI v2 SSO login session to legacy CLI v1 credentials.
Prerequisite
- Required AWS CLI v2
- Assume you have already setup AWS SSO for your organization
TL;DR
- Install latest from PyPI like so:
pip install yawsso
- Do your per normal SSO login and, have those SSO login session cache like so:
aws sso login --profile=dev
aws sso login --profile=prod
aws sso login --profile=stag
- To sync for all named profiles (e.g. dev, prod, stag), then just:
yawsso
- To sync default profile, do:
yawsso --default
- To sync for selected named profile, do:
yawsso -p dev
- To sync for multiple selected named profiles, do:
yawsso -p dev prod
- To sync for default profile as well as multiple named profiles, do:
yawsso --default -p dev prod
-
Then, continue per normal with your daily tools. i.e.
cdk deploy ...terraform ...cw ls -p dev groupsawsbw -L -P dev
-
To print help:
yawsso -h
Why
AWS CLI v2 SSO login cache/store credentials is somewhat different to AWS CLI v1 i.e. no longer in ~/.aws/credentials. There are many SDK and tools still depends on this legacy ~/.aws/credentials format.
- boto3 - https://github.com/boto/boto3/issues/2091
- botocore - https://github.com/boto/botocore/issues/1988
- terraform aws provider - https://github.com/terraform-providers/terraform-provider-aws/issues/10851
- cdk - https://github.com/aws/aws-cdk/issues/5455
- cw - https://github.com/lucagrulla/cw/issues/119
- awsbw - https://github.com/jgolob/awsbw
And, https://github.com/aws/aws-cli/issues/4982 in CLI repo itself!!
This tool is originally based on aws_sso.py script but take different approach and depends only on AWS CLI v2 for get-role-credentials. Well, everything else fail (including boto3) except CLI itself, so...
Someday, we won't need this anymore. But, until then this tool sync up AWS CLI v2 SSO login session to legacy format auto-magically!!
Others
If this tools is not working for you, try the following:
- https://github.com/benkehoe/aws-sso-credential-process
- https://github.com/flyinprogrammer/aws-sso-fetcher
- https://gist.github.com/sgtoj/af0ed637b1cc7e869b21a62ef56af5ac
Develop
- Create virtual environment and then:
pip install '.[dev,test]' .
pytest
python -m unittest
python -m yawsso --debug
- Create issue or pull request welcome
License
MIT License
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file yawsso-0.4.0rc1.tar.gz.
File metadata
- Download URL: yawsso-0.4.0rc1.tar.gz
- Upload date:
- Size: 6.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/47.1.1 requests-toolbelt/0.9.1 tqdm/4.46.0 CPython/3.8.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 76cdaf6b0549c1d8f7d1ddfc564cc4f286effc33c8979b62f86bcd4dd43f208e |
|
| MD5 | 017c3cdd42aa4ca9a1b638d1005b0074 |
|
| BLAKE2b-256 | 363b8ce0fd90289d37a5b0b69d716f26d13a784869bd533b29b67537a2efdce6 |
File details
Details for the file yawsso-0.4.0rc1-py3-none-any.whl.
File metadata
- Download URL: yawsso-0.4.0rc1-py3-none-any.whl
- Upload date:
- Size: 7.1 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.23.0 setuptools/47.1.1 requests-toolbelt/0.9.1 tqdm/4.46.0 CPython/3.8.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | ea6a355e1116cb7721d5fdc72fb8f2289e8db0da410085449e0c109247776226 |
|
| MD5 | 40febde0560f84809944264570c5a054 |
|
| BLAKE2b-256 | 4e4a2954493f367d18328ea8ebf536ffd4d93d2903f02348bff76d8fa1100e4d |
