linux/ohmyzsh
1
0
Fork 0
mirror of https://github.com/ohmyzsh/ohmyzsh.git synced 2025-12-19 02:02:32 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(aws): add SSO login support to acp command

Browse source 
- Add _aws_profile_uses_sso() helper function to detect SSO configuration
- Modify acp() function to automatically perform SSO login when needed
- Support both direct SSO profiles and role profiles with SSO source profiles
- Update README.md to document the new SSO functionality

Fixes #10004
This commit is contained in:
Paul Frederiksen 2025-09-19 09:58:14 -07:00
commit 8d095c1339
2 changed files with 30 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

28
plugins/aws/aws.plugin.zsh
View file

@ -98,6 +98,27 @@ function acp() {
local profile="$1"
local mfa_token="$2"
# Check if profile uses SSO and perform SSO login if needed
if _aws_profile_uses_sso "$profile"; then
echo "Profile '$profile' uses SSO. Performing SSO login..."
aws sso login --profile "$profile"
if [[ $? -ne 0 ]]; then
echo "${fg[red]}SSO login failed for profile '$profile'${reset_color}" >&2
return 1
fi
else
# Check if source profile uses SSO (for role assumption)
local source_profile="$(aws configure get source_profile --profile $profile)"
if [[ -n "$source_profile" ]] && _aws_profile_uses_sso "$source_profile"; then
echo "Source profile '$source_profile' uses SSO. Performing SSO login..."
aws sso login --profile "$source_profile"
if [[ $? -ne 0 ]]; then
echo "${fg[red]}SSO login failed for source profile '$source_profile'${reset_color}" >&2
return 1
fi
fi
fi
# Get fallback credentials for if the aws command fails or no command is run
local aws_access_key_id="$(aws configure get aws_access_key_id --profile $profile)"
local aws_secret_access_key="$(aws configure get aws_secret_access_key --profile $profile)"
@ -244,6 +265,13 @@ function aws_profiles() {
grep --color=never -Eo '\[.*\]' "${AWS_CONFIG_FILE:-$HOME/.aws/config}" | sed -E 's/^[[:space:]]*\[(profile)?[[:space:]]*([^[:space:]]+)\][[:space:]]*$/\2/g'
}
# Check if a profile uses SSO
function _aws_profile_uses_sso() {
local profile="$1"
local sso_start_url="$(aws configure get sso_start_url --profile $profile 2>/dev/null)"
[[ -n "$sso_start_url" ]]
}
function _aws_regions() {
reply=($(aws_regions))
}