Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

support an AWS SSO profile as the initial credential source #253

Merged
merged 4 commits into from
Apr 29, 2020
Merged

support an AWS SSO profile as the initial credential source #253

merged 4 commits into from
Apr 29, 2020

Conversation

ITProKyle
Copy link
Collaborator

Closes #251

Why This Is Needed

The publicly released version of botocore does not support using credentials from an AWS SSO profile configure with awscli>=2.0.0.

This means that if the environment variable AWS_PROFILE is set to a profile name that was configured with the command aws configure sso --profile <name>, anything that uses botocore to load credentials (like boto3) will raise NoCredentialsError.

This issue is not limited to botocore/boto3, it also effects current releases Serverless Framework and Terraform.

What Changed

Added

  • extension of botocore.session.Session that includes the assets required to use AWS SSO profiles as provided in awscli==2.0.0.dev13 (unpublished)

Changed

  • get_session passes the extended botocore.session.Session session to boto3.Session so that it can make use of AWS SSO profiles

@ITProKyle ITProKyle added the feature Request or pull request for a new feature label Apr 23, 2020
@troyready
Copy link
Contributor

Looks great to me at a glance, nice work.

@ITProKyle ITProKyle marked this pull request as ready for review April 23, 2020 22:40
@ITProKyle ITProKyle changed the title add poc aws sso support support an AWS SSO profile as the initial credential source Apr 23, 2020
@ITProKyle ITProKyle requested a review from troyready April 23, 2020 22:42
@troyready troyready merged commit e34f62f into rackspace:master Apr 29, 2020
@ITProKyle ITProKyle deleted the feature/aws-sso branch May 15, 2020 18:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@troyready troyready troyready approved these changes

Assignees
No one assigned
Labels
feature Request or pull request for a new feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[REQUEST] support an AWS SSO profile as the initial credential source
2 participants
@ITProKyle @troyready