Skip to content
This repository has been archived by the owner on Oct 15, 2024. It is now read-only.

Support external-ids when authenticating by STS:AssumeRole #826

Closed
wants to merge 2 commits into from
Closed

Support external-ids when authenticating by STS:AssumeRole #826

wants to merge 2 commits into from

Conversation

leftathome
Copy link

Some users may want to use STS to get temporary credentials to run aws-nuke, and in some cases this may mean providing an External-ID header for the STS:AssumeRole action to get credentials.

(See AWS documentation here )

This pull request adds support for the --external-id flag in the CLI, passes the flag for client authentication only when provided and includes documentation for its use in README.

I've been using this code on an internal fork for a few months with no problems.

@leftathome leftathome requested a review from a team as a code owner July 5, 2022 18:00
der-eismann
der-eismann approved these changes Jul 8, 2022
View reviewed changes
README.md
Comment on lines +207 to +208
assuming roles and profiles. The first two methods are passed in at the
command line. The third can be configured in the shared credentials file (ie
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
assuming roles and profiles. The first two methods are passed in at the
command line. The third can be configured in the shared credentials file (ie
assuming roles and profiles. The first two methods are passed in at the
command line. The third can be configured in the shared credentials file (ie

Is there a reason for the two spaces between sentences?

pkg/awsutil/session.go
@@ -37,6 +37,7 @@ type Credentials struct {
SecretAccessKey string
SessionToken string
AssumeRoleArn string
ExternalId string
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
ExternalId string
ExternalID string

I would kindly ask you to write ID in uppercase. I know we are not consistent, but we try to 😄

@iancward
Copy link

iancward commented Feb 1, 2023

This fixes #817

This was referenced Feb 24, 2024
Merged
Merged
@ekristen
Copy link
Contributor

@iancward this was implemented on my fork of aws-nuke, which has recently become the active successor to this project. It was implemented via ekristen/aws-nuke#52

If you should run into any issues, please open an issue over there.

Please see a copy of the notice from the README about the deprecation of this project. Sven was kind enough to grant me access to help triage and close issues and pull requests that have already been addressed in the actively maintained fork. Some additional information is located in the welcome issue for more information.

Caution

This repository for aws-nuke is no longer being actively maintained. We recommend users to switch to the actively maintained fork of this project at ekristen/aws-nuke.
We appreciate all the support and contributions we've received throughout the life of this project. We believe that the fork will continue to provide the functionality and support that you have come to expect from aws-nuke.
Please note that this deprecation means we will not be addressing issues, accepting pull requests, or making future releases from this repository.
Thank you for your understanding and support.

@ekristen ekristen closed this Sep 13, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@der-eismann der-eismann der-eismann approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@leftathome @iancward @ekristen @der-eismann