diff options
| -rw-r--r-- | .github/config-schema.json | 2 | ||||
| -rw-r--r-- | docs/config/README.md | 3 | ||||
| -rw-r--r-- | src/configs/aws.rs | 3 | ||||
| -rw-r--r-- | src/modules/aws.rs | 22 |
4 files changed, 28 insertions, 2 deletions
diff --git a/.github/config-schema.json b/.github/config-schema.json index 22b938e0c..a036fddb8 100644 --- a/.github/config-schema.json +++ b/.github/config-schema.json @@ -1847,7 +1847,7 @@ "definitions": { "AwsConfig": { "title": "AWS", - "description": "The `aws` module shows the current AWS region and profile and an expiration timer when using temporary credentials. The output of the module uses the `AWS_REGION`, `AWS_DEFAULT_REGION`, and `AWS_PROFILE` env vars and the `~/.aws/config` and `~/.aws/credentials` files as required.\n\nThe module will display a profile only if its credentials are present in `~/.aws/credentials` or if a `credential_process` or `sso_start_url` are defined in `~/.aws/config`. Alternatively, having any of the `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, or `AWS_SESSION_TOKEN` env vars defined will also suffice. If the option `force_display` is set to `true`, all available information will be displayed even if no credentials per the conditions above are detected.\n\nWhen using [aws-vault](https://github.com/99designs/aws-vault) the profile is read from the `AWS_VAULT` env var and the credentials expiration date is read from the `AWS_SESSION_EXPIRATION` or `AWS_CREDENTIAL_EXPIRATION` var.\n\nWhen using [awsu](https://github.com/kreuzwerker/awsu) the profile is read from the `AWSU_PROFILE` env var.\n\nWhen using [`AWSume`](https://awsu.me) the profile is read from the `AWSUME_PROFILE` env var and the credentials expiration date is read from the `AWSUME_EXPIRATION` env var.", + "description": "The `aws` module shows the current AWS region and profile and an expiration timer when using temporary credentials. The output of the module uses the `AWS_REGION`, `AWS_DEFAULT_REGION`, and `AWS_PROFILE` env vars and the `~/.aws/config` and `~/.aws/credentials` files as required.\n\nThe module will display a profile only if its credentials are present in `~/.aws/credentials` or if a `credential_process` or `sso_start_url` are defined in `~/.aws/config`. Alternatively, having any of the `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, or `AWS_SESSION_TOKEN` env vars defined will also suffice. If the option `force_display` is set to `true`, all available information will be displayed even if no credentials per the conditions above are detected.\n\nWhen using [aws-vault](https://github.com/99designs/aws-vault) the profile is read from the `AWS_VAULT` env var and the credentials expiration date is read from the `AWS_SESSION_EXPIRATION` or `AWS_CREDENTIAL_EXPIRATION` var.\n\nWhen using [awsu](https://github.com/kreuzwerker/awsu) the profile is read from the `AWSU_PROFILE` env var.\n\nWhen using [`AWSume`](https://awsu.me) the profile is read from the `AWSUME_PROFILE` env var and the credentials expiration date is read from the `AWSUME_EXPIRATION` env var.\n\nWhen using [aws-sso-cli](https://github.com/synfinatic/aws-sso-cli) the profile is read from the `AWS_SSO_PROFILE` env var.", "type": "object", "properties": { "format": { diff --git a/docs/config/README.md b/docs/config/README.md index 0bb393fcb..25b52b0d9 100644 --- a/docs/config/README.md +++ b/docs/config/README.md @@ -383,6 +383,9 @@ date is read from the `AWSUME_EXPIRATION` env var. When using [saml2aws](https://github.com/Versent/saml2aws) the expiration information obtained from `~/.aws/credentials` falls back to the `x_security_token_expires` key. +When using [aws-sso-cli](https://github.com/synfinatic/aws-sso-cli) the profile +is read from the `AWS_SSO_PROFILE` env var. + ### Options | Option | Default | Description | diff --git a/src/configs/aws.rs b/src/configs/aws.rs index 92e981d4d..22be05422 100644 --- a/src/configs/aws.rs +++ b/src/configs/aws.rs @@ -27,6 +27,9 @@ use std::collections::HashMap; /// When using [`AWSume`](https://awsu.me) the profile /// is read from the `AWSUME_PROFILE` env var and the credentials expiration /// date is read from the `AWSUME_EXPIRATION` env var. +/// +/// When using [aws-sso-cli](https://github.com/synfinatic/aws-sso-cli) the profile +/// is read from the `AWS_SSO_PROFILE` env var. pub struct AwsConfig<'a> { /// The format for the module. pub format: &'a str, diff --git a/src/modules/aws.rs b/src/modules/aws.rs index 115c5bbbb..0a5a0176e 100644 --- a/src/modules/aws.rs +++ b/src/modules/aws.rs @@ -97,7 +97,13 @@ fn get_aws_profile_and_region( context: &Context, aws_config: &AwsConfigFile, ) -> (Option<Profile>, Option<Region>) { - let profile_env_vars = ["AWSU_PROFILE", "AWS_VAULT", "AWSUME_PROFILE", "AWS_PROFILE"]; + let profile_env_vars = [ + "AWSU_PROFILE", + "AWS_VAULT", + "AWSUME_PROFILE", + "AWS_PROFILE", + "AWS_SSO_PROFILE", + ]; let region_env_vars = ["AWS_REGION", "AWS_DEFAULT_REGION"]; let profile = profile_env_vars .iter() @@ -415,6 +421,20 @@ mod tests { } #[test] + fn profile_set_from_awsssocli() { + let actual = ModuleRenderer::new("aws") + .env("AWS_SSO_PROFILE", "astronauts-awsssocli") + .env("AWS_ACCESS_KEY_ID", "dummy") + .collect(); + let expected = Some(format!( + "on {}", + Color::Yellow.bold().paint("☁️ astronauts-awsssocli ") + )); + + assert_eq!(expected, actual); + } + + #[test] fn profile_and_region_set() { let actual = ModuleRenderer::new("aws") .env("AWS_PROFILE", "astronauts") |