Comment by shushpanchik

2 days ago

> // TODO: Handle credential_source, role_arn, source_profile, sso_*, etc.

So it does not support any meaningful multi-account login (SSO, org role assumption, etc), and requires AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY. That's a no-no from security POV for anything in production, so not sure what's the meaningful way to use that.

3 comments

shushpanchik

huseyinbabal 2 days ago

I also care security part, but this is just beginning :) New features will be added iteratively based on community requests, and it seems there are plenty of good requirements in HN thread, thanks

zeroimpl 2 days ago

You or the developer could piggy back on “aws configure export-credentials --profile profile-name —-format process” to support any authentication that the CLI supports.

fosron 2 days ago

Yeah, without SSO support this is a no-go for me too.