npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

aws-sso-switcher

v1.1.3

Published

Tool for easier AWS SSO using AWS CLI and AWS SDK libraries.

Downloads

22

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

patrykmilewskipatrykmilewski

Keywords

awsssoprofileswitcheraws-clisingle-sign-on

Readme

aws-sso-switcher

Install and Setup

npm install -g aws-sso-switcher

Then set up your ~/.aws/config to have profiles with SSO configuration, like in example:

[profile your-profile-sso]
role_arn=arn:aws:iam::123456789012:role/ssoRoleName
source_profile=sso-source-profile-name
region=eu-west-1

[profile your-profile]
credential_process = sso-credential-process --profile your-profile-sso
region=eu-west-1

[profile sso-source-profile-name]
sso_start_url = https://example.com
sso_region = eu-central-1
sso_account_id = 123456789012
sso_role_name = SSORoleName
region = eu-west-1

CLEAR your ~/.aws/credentials file from any settings for profiles:

  • [default] (not sure if really required)
  • [profile your-profile-sso]
  • [profile your-profile]
  • [profile sso-source-profile-name]

Setup constant env variables:

  • AWS_PROFILE=your-profile
  • AWS_SDK_LOAD_CONFIG=1 - only needed for AWS SDK, forces to use credential_process by SDK

Now:

  • your-profile can be used, by simply pointing it by AWS_PROFILE=your-profile or any other way of choosing active profile supported by AWS SDK/CLI (aws s3 ls --profile your-profile)
  • your-profile-sso can be used normally by sourcing env variables with credentials, when you can simply call source sso-switch --profile your-profile-sso, then credentials will be available for the console session, that called the command

Serverless Framework, Amplify etc.

If you want to use SSO credentials with frameworks, that make use of AWS SDK/CLI for you, you might run into some problems.

Recommended way of solving it is by simply using env variables sourcing with source sso-switch --profile your-profile-sso

How it works?

sso-credential-process

AWS CLI/SDK supports sourcing credentials by using external process, as it's described in AWS docs.

This tool uses this approach, which makes SSO transparent to developer.

If you are having any problems with sso-credential-process, simply check if command sso-credential-process --profile your-profile-sso outputs correct JSON with credentials or try removing the cache.

sso-switch

To workaround problems with Serverless Framework and other tools, when trying to use AWS CLI v2 SSO feature, this script simply exports:

AWS_ACCESS_KEY_ID
AWS_SECRET_ACCESS_KEY
AWS_SESSION_TOKEN

which later are used in your shell. Values for those variables are extracted out of temporary Credentials, that are obtained with aws sts assume-role call.

You need to have those env variables set in your current session. Because of this, if you simply run sso-switch without source before command, it will start a new process, which will have those set up, but after process is finished, it will be simply cleared and won't affect your current process.

That's why it's important to use it this way source sso-switch

sso-wrapper

Another workaround for Serverless Framework issues is to use sso-wrapper. Set AWS_PROFILE=your-profile and run:

sso-wrapper -- serverless deploy

In general, you can run any command with sso-wrapper. It doesn't affect your current session.

Debugging Jetbrains IDEs (Webstorm, IntelliJ, Pycharm etc.)

Simply use profile without sso suffix, by setting up env variable AWS_PROFILE=your-profile

Using with Jest

Simply set env variables AWS_PROFILE=your-profie and AWS_SDK_LOAD_CONFIG=1 before running tests. Jest has a lot of different ways to achieve this.

Caching

This tool is caching credentials for 30 minutes in ~/.aws/sso-switcher/cache directory, because without caching AWS CLI/SDK will always fetch new session tokens, which is very slow.

Manually caching in that case is officially recommended in AWS docs.

Cache can be cleared using this switch:

source sso-switch \
  --profile <aws-profile-name> \
  --clear-cache "true"