assam
assam copied to clipboard
cybozu
[proposal] Allowing to list role names assigned to user
assam allows to specify role to be assumed by specifying --role option.
It is a great feature especially when users are assigned with multiple roles.
But, It is even better if the we get a list of roles, just like GUI.
So, I would like to propose adding a option or subcommands, that allow to list roles associated with profile like following:
assam list-roles --profile test
Let me know this was something fit to this OSS.
Thanks in advance.
@ken5scal Thank you for the suggestion of the new feature. In order for us to consider whether to add this feature to assam, can you tell us what specific use cases you are having trouble with?
Thanks!
@miyajan Thank you for the response.
We usually assign read only role for daily maintenance; however in case of emergency, they may need to adjust some parameters in AWS resources like manually failovering the target group and so on.
In such case, maintenars may not know of exact name of assigned role. Of course, they may ask helps from other colleagues or just read manual; however, allowing them to know their roles enable them to assume-role much quicker and efficiently.
Thanks in advance.
@ken5scal May I ask you an additional question?
We use the following:
However, are you using the following?
So, do you want to list Role A, Role B, and Role C?
Thanks.
@korosuke613 Thanks for clearing the point with the picture. That is correct. We do SSO from single Azure AD to multiple AWS IAM roles.
@ken5scal We have a different use case for the issue, so it is difficult for us to maintain this feature ourselves.
If you can contribute to the implementation and troubleshooting, we can accept that. Is it possible for you to make such contributions?