Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Why can't the CLI generate the config if I can see all the accounts and roles in the SSO start page? That's a desperately needed feature.

I would love to see a browser extension for SSO account tabs if AWS can't solve it natively.



Depending on your SSO provider, you can list all the roles using saml2aws[0] and then parse the output so you can generate the relavant config. It is a bit tedious, but it works.

[0] https://github.com/Versent/saml2aws/


`aws configure sso` does that, but:

1 - You need to do that with each account / role pair

2 - It gives profiles very long names by default (<role>-<account_number>)

3 - It does not set $AWS_PROFILE, so you need to pass `<...> --profile <...>` manually

So the code is actually there already, they just need to make the experience better.


I imagine most are like me and after doing this once or twice falls back to a text editor.


Another complaint I have is that afaik none of the SDKs have any kind of API for SSO login.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: