nordcloud / assume-role-arn Goto Github PK
View Code? Open in Web Editor NEW🤖🎩assume-role-arn allows you to easily assume an AWS IAM role in your CI/CD pipelines, without worrying about external dependencies.
🤖🎩assume-role-arn allows you to easily assume an AWS IAM role in your CI/CD pipelines, without worrying about external dependencies.
https://github.com/nordcloud/assume-role-arn/releases/tag/v0.3.6 doesn't contain an assume-role-arn-linux and assume-role-arn-osx yet.
I've downloaded assume-role-arn v0.3.8 and when executing:
bash-5.0# assume-role-arn -version assume-role-arn v0.3.4 (23d9db18bb7982c33708c8cd59c72d97b284fe4c)
This is the case for both osx and linux versions.
It seems that the version is not bumped after release 0.3.4:
https://github.com/nordcloud/assume-role-arn/blob/master/cmd/assume-role-arn/version.go
FATA[0005] failed to assume role error=“NoCredentialProviders: no valid providers in chain. Deprecated.\n\tFor verbose messaging see aws.Config.CredentialsChainVerboseErrors”
Newer AWS SDK versions address this issue, PR #129 would fix it
When downloading the binary from releases and using it according to the guide I'm getting the following error:
xxx@xxx ~> eval $(assume-role-arn -profile xxx -verbose)
/usr/local/bin/assume-role-arn: line 1: syntax error near unexpected token `<'
/usr/local/bin/assume-role-arn: line 1: `<html><body>You are being <a href="https://github-releases.githubusercontent.com/xxx/uuid?X-Amz-Algorithm=xxx&X-Amz-Credential=xxx&X-Amz-Date=xxx&X-Amz-Expires=xxx&X-Amz-Signature=xxx&X-Amz-SignedHeaders=xxx&actor_id=xxx&key_id=xxx&repo_id=xxx&response-content-disposition=attachment%3B%20filename%3Dassume-role-arn-osx&response-content-type=application%2Foctet-stream">redirected</a>.</body></html>'
When following the redirect url I'm getting
<Error>
<Code>AccessDenied</Code>
<Message>Request has expired</Message>
<X-Amz-Expires>300</X-Amz-Expires>
<Expires>2021-08-09T06:07:12Z</Expires>
<ServerTime>2021-08-09T06:40:19Z</ServerTime>
<RequestId>xxx</RequestId>
<HostId>xxx/xxx</HostId>
</Error>
I've solved the problem after cloning the repository and building it locally. It could be related with the fact that I'm using Macbook with M1 chip (runtime.GOOS = darwin, runtime.GOARCH = arm64), while the binary is prepared for Intel chipset (GOOS = darwin, but no GOARCH in Makefile
).
Maybe it would be nice to cross-compile and release the binaries for more OS/architectures?
Travis is making some unclear moves regarding open-source projects, let's switch to GitHub Actions.
Remember about TRAVIS_TAG in Makefile that needs to be replaced.
It reads wrong MFA serial
Even if you set ignoreCache, assume-role-arn is trying to cache the credentials. this should not happen. Now when you run the tool in e.g. alpine docker image you keep seeing these:
time="2019-12-01T22:58:57Z" level=error msg="failed to cache credentials" error="open /root/.cache/assume-role-be62a54dd201c68e3a76a37b682f78dd21bf46b31f781423d80606e252c53b96: no such file or directory"
Even though the -ignoreCache
flag was passed.
After GH Actions switch (depends on #52) we can sign a binary for MacOS with company's certificate.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.