Ben Kehoe

icon company Siemens icon location Nuremberg, DE icon location AWS Serverless Hero

Results 225 comments of Ben Kehoe

Check if profile exists command

If the profiles have known contents, you can have your tools write a config file containing them and use the `AWS_CONFIG_FILE` variable to point at it, eliminating the need for...

Add flags to skip prompts for `aws configure sso`

I'm supportive of this change. [`aws-sso-util configure populate`](https://github.com/benkehoe/aws-sso-util/blob/master/docs/configure.md#aws-sso-util-configure-profile) works in this manner.

Proposal: Static Websites

I'd like CodeUri to be able to be either a list, overlaying multiple directories into the same space, or a map, with the keys being prefixes. I'm on board with...

Provide way to get current credentials (AWS SDKs do not support SSO)

I've also written a utility in Python that supports AWS SSO credentials. https://github.com/benkehoe/aws-export-credentials

Clients and resources should be cached

I think my ideal opt-in interface might be like ```python session = boto3.Session(caching=True) # maybe allow an option for a cache object to be provided client1 = session.client("s3") client2 =...

Clients and resources should be cached

Client caching doesn't affect credential refreshing. [The credential provider](https://github.com/boto/botocore/blob/ae44d1de241c13626d05a9301cf62e460833c950/botocore/credentials.py#L1845) that handles web identity tokens (used for EKS service roles) automatically deals with expiration and refreshing. You don't need to get...

Clients and resources should be cached

@mbelang The session itself represents configuration and credentials. It doesn't need caching *internal* to boto3, but it's intended to be passed around in your code wherever clients/resources are needed (and...

Allow using AWS_ROLE_ARN to assume role without web identity

@vaisakhpisharody This request would require a new [`botocore.credentials.CredentialProvider`](https://github.com/boto/botocore/blob/07f6d30f34153c376e6d1b1d46f0338c6a5364fa/botocore/credentials.py#L895) subclass or an update to [`botocore.credentials.AssumeRoleProvider`](https://github.com/boto/botocore/blob/07f6d30f34153c376e6d1b1d46f0338c6a5364fa/botocore/credentials.py#L1327), which currently doesn't look at environment variables (unlike [`AssumeRoleWithWebIdentityProvider`](https://github.com/boto/botocore/blob/07f6d30f34153c376e6d1b1d46f0338c6a5364fa/botocore/credentials.py#L1636)). For programmatic role assumption, I opened PR...

Allow using AWS_ROLE_ARN to assume role without web identity

@vaisakhpisharody The original request is that there is an environment variable that cause a role to be assumed based on other AWS credentials. This would need to be implemented in...

Allow `__init__` and `__new__` to return `NoReturn`

Today I discovered that I can't annotate a class as unable to be instantiated through `__init__() -> NoReturn`. I'd love to see this PR merged!