Please provide support for AWS SSO

[pcolmer]

Context

We're trying to migrate to using AWS SSO for all user authentication. Initial testing suggests that ecs-cli doesn't work with SSO authentication. Various errors are reported depending on what we try to do, e.g.:

$ ecs-cli configure profile --profile-name QA_Admin-495570029050
FATA[0000] secret-key can not be empty

That makes sense because the specified profile is an SSO profile and there are no hardwired secrets.

Trying to use --aws-profile instead gives this error:

FATA[0024] Error executing 'up': NoCredentialProviders: no valid
providers in chain
caused by: EnvAccessKeyNotFound: failed to find credentials in the environment.
SharedCredsLoad: failed to load profile, QA_Admin-495570029050.

Alternatives

Since credentials returned from AWS SSO typically only last one hour, it would be painful to keep on updating the ecs-cli profile with the current secret values.

Has the feature been requested before?

Not as far as I can tell by searching.

[dank7723]

+1, yes, please. this would really simplify dev workflows.

[gwynnarth]

AWS CLI v2 is GA and using SSO is something that will become much more common, I think. We're migrating to it as well, but hitting roadblocks like this one.

As a stop-gap solution we're using https://github.com/victorskl/yawsso but it's just a workaround, therefore proper support for AWS SSO would be very much welcome.

[mberchon]

+1 Please provide SSO support for AWS-ECS-CLI so DEVs & OPs can have an homogeneous authentication experience across CLIs

[arnaudmm]

+1

[kyledecot]

+1

[13bm]

+1

[atanas-ampeco]

+1