jkueh / roo Goto Github PK
View Code? Open in Web Editor NEWA little utility to help you hop from an 'authentication' AWS account to another account with caching and MFA.
License: Apache License 2.0
A little utility to help you hop from an 'authentication' AWS account to another account with caching and MFA.
License: Apache License 2.0
Need to double check that it works as intended, and document or fix any weird behaviours
This is a neat tool! Unfortunately due to $reasons I have some software on my machine that can only authenticate via an AWS profile. It would be awesome if the tool could also write out credentials to a profile, perhaps defined in the config file.
That would allow me to use this with Jetbrains crap the nameless software.
This would be good for a first-run experience, as it'd allow people to immediately start editing a config file.
e.g. when using roo -role my-alias
where a role with the alias my-alias
is first in the list of two or more, it will select the second role instead.
For my workflow, I need to have a consistent profile name. This aligns with the role I'm trying to assume. Rather than specifying this on the CLI each time, I'd like an option in the configuration file to specify it.
Along with #7, that would allow me to simply type roo delete-prod-role
, which would be the ultimate ease-of-use!
Some commands will prompt for user input.
There's only so long I can deal with scrolling through a 300+ line script ๐
To show the configured roles, and their ARNs and aliases.
I would really like to be prompted for the MFA code, rather than having to specify it on the CLI. Could this please be considered? I think it would make roo
easier to use :)
Documentation: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html
This would be useful for those that want to jump into a temporary AWS (web) console session.
Right now, the version information only appears if you're using a release created via GitHub actions (as it's baked in at build time).
People installing via go get github.com/jkueh/roo
will not have a version set, so we'll need to do something about that.
If that's not reasonably possible (e.g. if I don't want to update a package variable every time I'm about to push a tag), then this will be a documentation update for the preferred installation method.
To reproduce:
roo -role role_alias_here
Wait for it to prompt for the MFA code, then attempt to hit enter when done - Will keep prompting for MFA code.
As per guidance here: https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/handling-errors.html
TL;DR: There's a way to handle AWS-specific errors.
Right now everything's command-parameter-y, and while that works, it can be a bit confusing when it comes to behaviour precedence.
It would be good to be able to specify roo write
, or roo exec
, with each subcommand having their own set of flags.
https://gobyexample.com/command-line-subcommands
This will most likely also resolve #11.
Suggestion came through to allow for a role to be flagged as the 'default' role so that we don't have to provide the -role
flag each time, e.g.
roles:
- name: test
default: true
...
Thanks, I hate it.
Output from logs after passing the MFA code input:
2020/12/03 17:49:36 WARNING: Unable to set the file mode on the cache file C:\Users\Jordan Kueh\.roo\cache\[account_number_redacted]-ReadOnly.gob - chmod C:\Users\Jordan Kueh\.roo\cache\[account_number_redacted]-ReadOnly.gob: not supported by windows
2020/12/03 17:49:36 An error occurred while trying to execute command: exec: "/usr/bin/env": file does not exist
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.