gimme-aws-creds icon indicating copy to clipboard operation
gimme-aws-creds copied to clipboard

Published 20 hours ago verified publisher icon Nike-Inc

Automate prompt for mfa, app, role selections

Open odg0318 opened this issue 2 years ago • 0 comments

Description

I implemented that the prompts can be skipped by configuring ~/.okta_aws_login_config and command line arguments.

Related Issue

  • https://github.com/Nike-Inc/gimme-aws-creds/pull/342

Motivation and Context

To get AWS credentials, multiple prompts are required like the followings.

$ gimme-aws-creds --profile default
Using password from keyring for [email protected]
Multi-factor Authentication required.
Detected preferred provider in config: GOOGLE
Enter verification code:
done

Pick an app:
[0] AWS Dev
[1] AWS Ops
[2] AWS Prod
Selection: 2
Pick a role:
[0] arn:aws:iam::1234567890:role/XXX
[1] arn:aws:iam::1234567891:role/XXX
Selections (comma separated): 1
Saving arn:aws:iam::1234567891:role/XXX as default
Written profile default to /Users/krust/.aws/credentials

Because of the prompts, it is impossible to automate process to get AWS credentials. With my codes, the process will be changed like the following.

$ gimme-aws-creds --profile default --okta-app 2 --okta-role 1
Using password from keyring for [email protected]
Multi-factor Authentication required.
Detected preferred provider in config: GOOGLE
Enter verification code:
done

Detected app in config: AWS Prod
Detected role in config: arn:aws:iam::1234567891:role/XXX
Saving arn:aws:iam::1234567891:role/XXX as default
Written profile default to /Users/krust/.aws/credentials

$ cat ~/.okta_aws_login_config | grep mfa
preferred_mfa_type = token:software:totp
preffered_mfa_provider = GOOGLE

How Has This Been Tested?

I manually tested the code in my local. If you have any idea to test this code, please let me know.

Screenshots (if appropriate):

Types of changes

  • [ ] Bug fix (non-breaking change which fixes an issue)
  • [x] New feature (non-breaking change which adds functionality)
  • [ ] Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • [x] My code follows the code style of this project.
  • [x] My change requires a change to the documentation.
  • [x] I have updated the documentation accordingly.
  • [x] I have read the CONTRIBUTING document.
  • [ ] I have added tests to cover my changes.
  • [ ] All new and existing tests passed.

odg0318 avatar Jun 18 '22 14:06 odg0318