
How to STS assume role

Open arash-cid opened this issue 2 years ago • 2 comments

System details (run the AWS: About Toolkit command)

In the VS Code AWS Toolkit extension

Question

Can I set the toolkit to use one of my profiles, then get a session (STS Assumption) and show resources based on the assumed role?


arash-cid avatar Nov 02 '23 05:11 arash-cid

AWS Toolkit can use profiles defined with role_arn and source_profile (https://github.com/aws/aws-toolkit-vscode/issues/620). But Toolkit doesn't have special support for selecting a profile and then modifying its configuration. The profile needs to be configured in ~/.aws/credentials, then AWS Toolkit can use it.

> set the toolkit to use one of my profiles, then get a session (STS Assumption)

Can you describe the exact steps that define "get a session"? Are you using aws cli (what exact commands?)? Or are you expecting the Toolkit to have a feature that mimics the aws cli commands (what exact commands?)?

justinmk3 avatar Nov 02 '23 16:11 justinmk3

Many times, we have a use case where we only have access to an account/resource by using one role/user as a source (which we set in our credentials and profile) and then assume another IAM role to access the resource.

So for instance, in the CLI we use aws sts assume-role --profile $SOURCE_PROFILE --role-arn $ROLE_ARN and then set AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN in the shell as environment variables to access the target resources.

It would be super useful if aws-toolkit could do the same and allow us to access the resources in the explorer after using the assumed role.

arash-cid avatar Nov 02 '23 23:11 arash-cid
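
An added example, not part of the thread or the Toolkit's own documentation: the profile layout the maintainer's reply describes (role_arn plus source_profile in ~/.aws/credentials), written for the source-profile-then-assume-role case from the last comment. The profile names, account ID, role name and key values are constructed placeholders.

```ini
# ~/.aws/credentials  (all values below are constructed placeholders)

# Long-lived credentials for the identity that is allowed to call
# sts:AssumeRole. This plays the part of $SOURCE_PROFILE in the CLI command.
[source-user]
aws_access_key_id = AKIAEXAMPLEPLACEHOLDER
aws_secret_access_key = EXAMPLE-SECRET-PLACEHOLDER

# Role profile: holds no keys of its own. A tool that loads this profile
# calls sts:AssumeRole using the credentials of source_profile and then
# works with the temporary credentials it gets back, so
# AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY / AWS_SESSION_TOKEN do not
# have to be exported by hand.
[target-role]
# Plays the part of $ROLE_ARN in the CLI command.
role_arn = arn:aws:iam::111122223333:role/ExampleTargetRole
source_profile = source-user
```

With the AWS CLI, `aws sts get-caller-identity --profile target-role` returns the assumed-role ARN when the source credentials are permitted to assume the role, which confirms the profile resolves before selecting it in the Toolkit.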