Fix SSO_START_URL lookup for credential exports #572

cedieio · 2023-12-19T04:20:53Z

What changed?

Use profile.SSOStartURL() instead of profile.AWSConfig.SSOStartURL

Why?

Using profiles with session set and no sso_start_url fails when trying to assume with --export-sso-token

This is caused by directly referencing profile.AWSConfig.SSOStartURL on ExportAccessTokenToCache, which in this case should use profile.SSOStartURL()

Sample profile config

[sso-session test-session]
sso_region = ap-southeast-2
sso_registration_scopes = sso:account:access
sso_start_url = https://test.com/start#

[profile test-profile]
common_fate_generated_from = aws-sso
sso_account_id = 175914186171
sso_role_name = test-role
sso_session = nine

Fix for #571

How did you test it?

dassume --export-sso-token --export

Potential risks

Is patch release candidate?

Link to relevant docs PRs

Use `profile.SSOStartURL()` instead of `profile.AWSConfig.SSOSessionName` when trying to export credentials. This will fail when the config does nont have `SSO_START_URL` set on their config. The `profile.SSOStartURL()` finds it from the session block which provides the correct URL. Fix for common-fate#571.

shwethaumashanker self-requested a review December 19, 2023 22:09

JoshuaWilkes approved these changes Dec 19, 2023

View reviewed changes

JoshuaWilkes merged commit 2960bc4 into common-fate:main Dec 19, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix SSO_START_URL lookup for credential exports #572

Fix SSO_START_URL lookup for credential exports #572

cedieio commented Dec 19, 2023 •

edited

Fix SSO_START_URL lookup for credential exports #572

Fix SSO_START_URL lookup for credential exports #572

Conversation

cedieio commented Dec 19, 2023 • edited

What changed?

Why?

How did you test it?

Potential risks

Is patch release candidate?

Link to relevant docs PRs

cedieio commented Dec 19, 2023 •

edited