vegas-credentials
vegas-credentials copied to clipboard
Docs: clarify configuration properties placement requirements
Describe the bug Documentation could state that certain properties can be defined only in the source profile. These are:
- vegas_yubikey_serial,
- vegas_yubikey_label,
- and most likely mfa_serial
It makes technically kind of sense to define these properties only once in the source profile as there may be only a single MFA in AWS at the moment. However first time users need not understand how this AWS limitation affects configuration (eg. they may think sections are merged).
System (please complete the following information):
- OS: Linux
- OS Version: N/A
- Tool Version: e57a6009bc6abf91dac3c4d57a6e0842887554d1
- Tool Installation Method: self-compiled
- Credential Process invoked via: directly (debugging)
To Reproduce
$HOME/.aws.config
where vegas_yubikey_serial
and vegas_yubikey_label
are not found:
[profile work]
region = eu-central-1
mfa_serial = arn:aws:iam::431378790335:mfa/radek.dvorak
output = json
[profile sandbox]
credential_process = /home/radek/bin/vegas-credentials assume --profile=sandbox
vegas_source_profile = work
vegas_role_arn = arn:aws:iam::186583659222:role/Some-Role
vegas_yubikey_serial= 1234567
vegas_yubikey_label = aws/iam/431378790335:radek.dvorak
Expected behavior Documentation states which properties are recognized in which ini section.