99designs / aws-vault

A vault for securely storing and accessing AWS credentials in development environments

Support new auto refresh token method

ArjunDandagi opened this issue · comments

  • I am using the latest release of AWS Vault
  • I have provided my .aws/config (redacted if necessary)
  • I have provided the debug output using aws-vault --debug (redacted if necessary)

The AWS CLI docs now support a new way of logging in to SSO:
https://docs.aws.amazon.com/cli/latest/userguide/sso-configure-profile-token.html

While the old legacy way of SSO login is already supported by aws-vault, could we get an implementation of the new sso-session way of logging in to the AWS accounts?

Currently this works fine:

[profile stage]
region=eu-west-1
credential_process=aws-vault exec --json stage-sso

[profile stage-sso]
sso_start_url=https://mycompany.awsapps.com/start
sso_account_id = 12344556484
sso_role_name = DeveloperAccess
sso_region=eu-west-1
region = eu-west-1

These settings are not working with aws-vault:

[profile dev-pci]
region=eu-west-1
credential_process=aws-vault exec --prompt=osascript --json dev-pci-sso

[sso-session mycompany]
sso_start_url = https://mycompany.awsapps.com/start
sso_region = eu-west-1
sso_registration_scopes = sso:account:access

[profile dev-pci-sso]
sso_session = mycompany
sso_account_id = 123456092714
sso_role_name = DeveloperAccess
region = eu-west-1

This is supported on the master branch and in the latest pre-release.
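
To make the difference between the two profile styles in this issue concrete, here is an added example (not part of the original thread and not aws-vault's code) that resolves a profile's `sso_session` reference to its `[sso-session ...]` section. The function name `resolve_sso_profile`, the `broken` profile and the account IDs are constructed for illustration.

```python
import configparser

# Constructed sample mirroring the two profile styles from the issue
# (account IDs are placeholders; the "broken" profile is hypothetical).
SAMPLE_CONFIG = """
[profile stage-sso]
sso_start_url = https://mycompany.awsapps.com/start
sso_account_id = 111111111111
sso_role_name = DeveloperAccess
sso_region = eu-west-1

[sso-session mycompany]
sso_start_url = https://mycompany.awsapps.com/start
sso_region = eu-west-1
sso_registration_scopes = sso:account:access

[profile dev-pci-sso]
sso_session = mycompany
sso_account_id = 222222222222
sso_role_name = DeveloperAccess

[profile broken]
sso_session = missing
"""

def resolve_sso_profile(config_text, profile):
    """Return (style, settings) with any sso_session reference resolved."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(config_text)
    section = f"profile {profile}"
    if not cp.has_section(section):
        raise KeyError(f"no such profile: {profile}")
    settings = dict(cp[section])
    session = settings.get("sso_session")
    if session is None:
        style = "legacy" if "sso_start_url" in settings else "not-sso"
        return style, settings
    session_section = f"sso-session {session}"
    if not cp.has_section(session_section):
        raise ValueError(f"{profile}: undefined sso-session '{session}'")
    for key in ("sso_start_url", "sso_region"):
        # Start URL and region come from the referenced sso-session section.
        settings[key] = cp[session_section][key]
    return "sso-session", settings
```

A tool that only reads `sso_start_url` from the profile section itself sees no start URL on `dev-pci-sso`, so the profile does not resolve until the `sso_session` indirection is followed.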