WTFender / aws-sso-extender

Browser Extension for AWS SSO / Identity Center
https://wtfender.com/posts/aws-sso-extender
MIT License
64 stars 11 forks

Add option to export all profiles available to user in JSON blob #148

Open MasterNayru opened 3 months ago

MasterNayru commented 3 months ago

Description

I want to write a CLI tool that allows me to generate a config JSON for this extension where I can provide the existing JSON and then perform updates on it. My idea is that I could provide the file provided by this export to something to help automate the setting of colours on different roles based on the account being accessed, name of the permission set, etc.

Right now this is not possible for two reasons:

It would also be super helpful if this option could also dump information in each profile blob as to what account ID, permission set name, etc. is being dumped. I don't believe that I would be able to access the profile IDs associated with each profile that I can assume through boto3/AWS CLI calls, etc. using my own credentials

WTFender commented 2 months ago

@MasterNayru the profile IDs are actually the "permission set" ID from AWS Identity Center.

Your AWS admin should be able to give you a full list of the permission set IDs assigned in your AWS organization.

That said, you can use Storage Area Explorer in devtools to inspect the extension and see all of the profile IDs your SSO user has access to - look for aws-sso-ext-user-<userid>


      "appProfileIds": [
        "p-4659d0b31935d8af",
        "p-7977aadd145dad95",
        "p-182a002886854454",
        "p-6fb776900780b22b",
        "p-af236d7b1e79c12a",
        "p-06f49828ed03e1ff",
        "p-85d7f0e8a7c69c2e"
      ]

I'm looking into adding settings where you could apply customizations by the AWS account ID or role name, not specifically the profile, but it's a ways off.

MasterNayru commented 2 months ago

Permission set IDs start with ps- and have a totally different set of numbers after them, so I do not believe that a profile ID and permission set ID are the same.

The problem with the list of IDs as they are is that I then have no way of knowing which profile ID maps to which permission set.

If you do know of a way to obtain the profile ID for an assigned permission set, then I would prefer to use boto3 calls to grab this information, to be honest. The motivation for creating this issue was that I had done some investigation trying to work out how to get this information from boto3 and couldn't.

WTFender commented 2 months ago

Oh you're right - I must have had a fuzzy brain last night.

Those IDs come from the assignment of a permission set to an AWS account/app in Identity Center.

I'm not actually aware of how to retrieve that list of IDs (or assignments) through the AWS/boto3 API.

The way I'm getting them is by scraping the AWS SSO API directly after you login - see details here. Hope that helps a little!

MasterNayru commented 2 months ago

I have read through the code and tried to actually construct a PR to allow the user to click a button to dump the config out because you do keep all of the profile information that I need in the browser's local storage even if it's not actually persisted into the JSON config object. My JS is next to zero, so I was only able to modify it to always dump every profile, which obviously we wouldn't want as a default behaviour.

The other problem is that, since you can't pull the IDs out from anywhere else, additional information would be needed to allow someone to know which ID mapped to which account/role combination. Again, you are keeping this information in local storage, but that data isn't being persisted into the config object managed by the extension.

My hope was that at least the feature could be considered as the work it would take for me to work out how to automate getting someone to log in and scrape all of this data out myself to help my colleagues out would take me forever. It's so frustrating that these IDs aren't available in some boto3 call. :/
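The tooling the reporter describes in the issue description and in the last comment (take an export of all profiles, colour them by account and permission set, merge the result back into the existing config without clobbering manual choices) can be sketched as a small rule engine. The script below is an added illustration and is not code from the aws-sso-extender project; the export shape it assumes (a list of objects with `id`, `accountId`, `accountName` and `permissionSet`) and the config shape (a `profiles` map keyed by profile ID) are hypothetical, since the issue only shows the `appProfileIds` array, and the sample profile records are constructed. Rules are ordered and first match wins, so a narrow "admin in prod" rule can sit above a broad "anything in prod" rule.

```python
"""Colour aws-sso-extender profiles from an exported profile list.

Added example, not project code. The export and config formats used here
are ASSUMED shapes for the export requested in the issue; the real
extension schema is not shown on the page.
"""
import json
import re
import sys

# Constructed sample export: profile IDs plus the account/permission-set
# mapping the issue asks the extension to include.
SAMPLE_EXPORT = json.dumps([
    {"id": "p-4659d0b31935d8af", "accountId": "111111111111",
     "accountName": "prod-payments", "permissionSet": "AdministratorAccess"},
    {"id": "p-7977aadd145dad95", "accountId": "111111111111",
     "accountName": "prod-payments", "permissionSet": "ReadOnlyAccess"},
    {"id": "p-182a002886854454", "accountId": "222222222222",
     "accountName": "dev-sandbox", "permissionSet": "PowerUserAccess"},
])

# Constructed existing config (assumed shape) with one colour the user
# already set by hand; that choice must survive the automated pass.
SAMPLE_EXISTING_CONFIG = json.dumps({
    "profiles": {
        "p-182a002886854454": {"color": "#00aa00", "label": "sandbox"},
    }
})

# Ordered rules, first match wins. Each rule may constrain accountId,
# accountName and permissionSet with a regex; an omitted field matches all.
RULES = [
    # Administrative access in a production account: red.
    {"permissionSet": r"^Administrator", "accountName": r"^prod-",
     "color": "#ff0000"},
    # Any other access to a production account: orange.
    {"accountName": r"^prod-", "color": "#ff9900"},
    # Read-only access anywhere else: blue.
    {"permissionSet": r"^ReadOnly", "color": "#0066cc"},
]

FIELDS = ("accountId", "accountName", "permissionSet")


def match_rule(profile, rule):
    """True if every field pattern present in the rule matches the profile."""
    for field in FIELDS:
        pattern = rule.get(field)
        if pattern is not None and not re.search(pattern, profile.get(field, "")):
            return False
    return True


def colour_for(profile, rules=RULES):
    """Colour of the first matching rule, or None if no rule applies."""
    for rule in rules:
        if match_rule(profile, rule):
            return rule["color"]
    return None


def apply_rules(export_json, existing_config_json, rules=RULES, keep_manual=True):
    """Merge rule-derived colours into the config.

    Profiles already carrying a colour keep it when keep_manual is set.
    The account ID and permission set are copied into each entry so the
    reason for a colour can be audited later without re-exporting.
    """
    profiles = json.loads(export_json)
    config = json.loads(existing_config_json)
    entries = config.setdefault("profiles", {})
    for profile in profiles:
        entry = entries.setdefault(profile["id"], {})
        entry["accountId"] = profile["accountId"]
        entry["permissionSet"] = profile["permissionSet"]
        if keep_manual and "color" in entry:
            continue
        colour = colour_for(profile, rules)
        if colour is not None:
            entry["color"] = colour
    return config


if __name__ == "__main__":
    # Usage: python colour_profiles.py export.json existing-config.json > new-config.json
    # With no arguments the constructed samples above are used.
    if len(sys.argv) == 3:
        with open(sys.argv[1]) as f_export, open(sys.argv[2]) as f_config:
            result = apply_rules(f_export.read(), f_config.read())
    else:
        result = apply_rules(SAMPLE_EXPORT, SAMPLE_EXISTING_CONFIG)
    json.dump(result, sys.stdout, indent=2)
```

With the constructed samples, the production administrator profile is coloured red, the production read-only profile orange (the production rule precedes the read-only rule), and the sandbox profile keeps its hand-set green.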