aws-extend-switch-roles icon indicating copy to clipboard operation
aws-extend-switch-roles copied to clipboard

Published 20 hours ago verified publisher icon tilfinltd

Source_role does not work

Open towerbe opened this issue 2 years ago • 3 comments

When I try to configure a second profile using the first profile as its source no profiles show up in the list at all.

To Reproduce Steps to reproduce the behavior:

  1. configure an initial profile such as the following. [profile devops-infra-tagger] aws_account_id = 000000000000 role_name = CDDOTagging color = 3b9170

Everything works fine.

  1. Add a second profile using the first profile as the source_role as follows

[profile dhitagger] role_arn = arn:aws:iam::111111111111:role/CDDOTagging source_profile = devops-infra-tagger

  1. Got to the extension in the browser (when already logged into AWS) an no profiles show up
image

I use this method for CLI connections all the time with no issues. Also am following your configuration instructions. Don't understand why this is not working.

Expected behavior The profile list should display and be pickable as per your instructions.

Environment

  • OS: [e.g. iOS] Windows 10
  • Browser: Chrome
  • Version: Latest (just updated today)

towerbe avatar Nov 10 '23 16:11 towerbe

When the profile "dhitagger" is set, "devops-infra-tagger" is recognized as the base account. Therefore, the role "CDDOTagging" is not a switch target, but a condition of the role immediately after signing.

tilfin avatar Nov 12 '23 02:11 tilfin

Using this exact configuration in ~/aws/config works perfectly. I do not understand your response, and it also follows your documentation.

On Sat, Nov 11, 2023, 8:38 PM Toshimitsu Takahashi @.***> wrote:

When the profile "dhitagger" is set, "devops-infra-tagger" is recognized as the base account. Therefore, the role "CDDOTagging" is not a switch target, but a condition of the role immediately after signing.

— Reply to this email directly, view it on GitHub https://github.com/tilfinltd/aws-extend-switch-roles/issues/333#issuecomment-1806981285, or unsubscribe https://github.com/notifications/unsubscribe-auth/AEF6HOVX5ABJLT2VOODUGBDYEAZCZAVCNFSM6AAAAAA7GN5URWVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQMBWHE4DCMRYGU . You are receiving this because you authored the thread.Message ID: @.***>

towerbe avatar Nov 12 '23 02:11 towerbe

@towerbe It is not possible to share exactly the same settings as ~/.aws/config.

Adding 'dhitagger' makes 'devops-infra-tagger' changed from a profile of Simple Configuration to an base account of Complex Configuration.

tilfin avatar Nov 13 '23 02:11 tilfin