feat: multiple appID depending on role in4it#8
no committed Mar 16, 2023
1 parent 0c8238c commit 4ca4c70
Showing 4 changed files with 30 additions and 6 deletions.
6 changes: 6 additions & 0 deletions README.md
Expand Up @@ -22,6 +22,12 @@ accounts:
appID: onelogin app id (e.g. 123456)
accountID: AWS account ID
profileName: AWS IAM profile to store credentials in (in ~/.aws/credentials)
- name: myapp-dev
appIDsByRole: # optional, if you use different OneLogin apps for different roles
iam-role-1: onelogin app id (e.g. 123456)
iam-role-2: onelogin app id (e.g. 123456)
accountID: AWS account ID
profileName: AWS IAM profile to store credentials in (in ~/.aws/credentials)
roles:
- iam-role-1 # role that is configured in onelogin and IAM to use with the onelogin identity provider
- iam-role-2
3 changes: 2 additions & 1 deletion cmd/login.go
Expand Up @@ -55,7 +55,8 @@ var loginCmd = &cobra.Command{
fmt.Println("Role: ", config.Roles[*role])
fmt.Println("Account: ", config.Accounts[*account].Name)
}
appID := config.Accounts[*account].AppID

appID := config.Accounts[*account].GetAppID(config.Roles[*role])

//Get OneLogin access Token
token, err := onelogin.GetAccessToken(config.Onelogin.ClientID, config.Onelogin.ClientSecret)
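Review bot: The value returned by `GetAppID` on the new `appID :=` line is used without a check that it is non-empty. An account written like the new `myapp-dev` example has only `appIDsByRole`, so a selected role with no entry in that map falls through to the account's unset `appID` and yields `""`. I would guard it right after the assignment with `if appID == "" {` and report the account name and role before the OneLogin access token is requested, so a configuration gap fails locally with a clear message instead of as an opaque API error. How `appID` is consumed and how `loginCmd` reports errors is outside this hunk, so the exact exit path needs to follow the rest of the function.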
20 changes: 15 additions & 5 deletions cmd/root.go
Expand Up @@ -27,11 +27,21 @@ type OneLoginConf struct {
AccountName string `yaml:"onelogin-account"`
}
type Account struct {
Name string `yaml:"name"`
AppID string `yaml:"appID"`
AccountID string `yaml:"accountID"`
ProfileName string `yaml:"profileName"`
DurationSeconds int64 `yaml:"durationSeconds"`
Name string `yaml:"name"`
AppID string `yaml:"appID"`
AppIDsByRole map[string]string `yaml:"appIDsByRole"`
AccountID string `yaml:"accountID"`
ProfileName string `yaml:"profileName"`
DurationSeconds int64 `yaml:"durationSeconds"`
}

func (a *Account) GetAppID(role string) string {
if a.AppIDsByRole != nil {
if appID, ok := a.AppIDsByRole[role]; ok {
return appID
}
}
return a.AppID
}

var config Config
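Review bot: `GetAppID` is exported without a doc comment, and its fallback is silent: a role with no entry in `AppIDsByRole`, including one whose key is mistyped, resolves to the account-wide `AppID`, so the login would go through a different OneLogin app than the one intended for that role. I would document that contract on the method, `// GetAppID returns the OneLogin app ID mapped to role in AppIDsByRole, or the account's AppID when the role has no entry.`, and note next to the struct field that the map keys must match the `roles` entries exactly. The `a.AppIDsByRole != nil` guard can be dropped, since indexing a nil map returns the zero value with `ok` false.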
7 changes: 7 additions & 0 deletions config.yaml.example
Expand Up @@ -7,6 +7,13 @@ accounts:
appID: onelogin app id (e.g. 123456)
accountID: AWS account ID
profileName: AWS IAM profile to store credentials in (in ~/.aws/credentials)

- name: myapp-dev
appIDsByRole: # optional, if you use different OneLogin apps for different roles
iam-role-1: onelogin app id (e.g. 123456)
iam-role-2: onelogin app id (e.g. 123456)
accountID: AWS account ID
profileName: AWS IAM profile to store credentials in (in ~/.aws/credentials)
roles:
- iam-role-1 # role that is configured in onelogin and IAM to use with the onelogin identity provider
- iam-role-2
