mozilla-aws-cli
mozilla-aws-cli copied to clipboard
mozilla-iam
DEPRECATED. A command line tool to allow users to log into AWS with their federated identity using Single Sign On and obtain ephemeral API keys. This is no longer in use in Mozilla SSO/IAM, as of Sept...
This adds a (by default disabled) feature which produces a full export of every discovered AWS IAM Role that is in the group role map. This full export includes the...
1. Pull [the check for a matching claim in an IAM Role policy](https://github.com/mozilla-iam/mozilla-aws-cli/blob/b1594c3dbbf97d999a3e53e66ee3ddf81806c805/cloudformation/group_role_map_builder/functions/group_role_map_builder.py#L288-L293) out into a function which checks an element of the policy to see if it has a...
Update the idtoken_for_roles so that When the function [checks to see if a given group is part of the user's claimed group list](https://github.com/mozilla-iam/mozilla-aws-cli/blob/b1594c3dbbf97d999a3e53e66ee3ddf81806c805/cloudformation/idtoken_for_roles/functions/idtoken_for_roles.py#L134), do so by calling a function that's...
It sounds like [AWS Identity Center](https://aws.amazon.com/iam/identity-center/) may now provide the functionality that mozilla-aws-cli provides. Here's [a deck by Andrew Krug](https://docs.google.com/presentation/d/1V1yJdOT-muj_XbypLBqn25VjZ_XMJXnvyN_73RSrdLI/edit#slide=id.p) on it that may help. Let's figure out if we...
Currently we require users to execute maws in a subshell (with a command like `$(maws)`) and then execute the output from that subshell (which outputs something like `source /tmp/foo.tmp`). This...
Extend the group role map builder account alias function to accommodate other data producers by only updating records in the alias map instead of overwriting the map. This will allow...
By default (in the WSL in windows) when running maws, it augments the prompt by adding `(maws_profile)` which isn't very useful. This should be something more descriptive.
Should users be using the Windows Subsystem for Linux? cmd.exe? Git Bash mingw64? I can confirm, talking to a user today, that the windows subsystem for linux definitely works with...
Is is possible to use websockets to enable the browser and listener to communicate instead of the `/heartbeat` polling endpoint. This would solve problems related to anything that exceeds the...
Currently there aren't any unit tests which do an end to end test, running `maws`, spawning a browser, provisioning STS credentials and getting environment variables. We should create this.
Metadata
Owner
Metadata
DEPRECATED. A command line tool to allow users to log into AWS with their federated identity using Single Sign On and obtain ephemeral API keys. This is no longer in use in Mozilla SSO/IAM, as of Sept...