You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+32-3Lines changed: 32 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -124,16 +124,45 @@ Notice the missing `-s` | `--store-profile` flag
124
124
### Use in CI
125
125
126
126
127
-
128
127
```
129
-
Initiates a specific crednetial provider [WEB_ID]
128
+
Initiates a specific crednetial provider [WEB_ID] as opposed to relying on the defaultCredentialChain provider.
129
+
This is useful in CI situations where various authentication forms maybe present from AWS_ACCESS_KEY as env vars to metadata of the node.
130
+
Returns the same JSON object as the call to the AWS cli for any of the sts AssumeRole* commands
130
131
131
132
Usage:
132
133
aws-cli-auth specific <flags> [flags]
133
134
134
135
Flags:
135
136
-h, --help help for specific
136
-
-m, --method string If aws-cli-auth exited improprely in a previous run there is a chance that there could be hanging processes left over - this will clean them up forcefully
137
+
-m, --method string Runs a specific credentialProvider as opposed to rel (default "WEB_ID")
138
+
139
+
Global Flags:
140
+
--cfg-section string config section name in the yaml config file
141
+
-r, --role string Set the role you want to assume when SAML or OIDC process completes
142
+
-s, --store-profile By default the credentials are returned to stdout to be used by the credential_process. Set this flag to instead store the credentials under a named profile section
143
+
```
144
+
145
+
```bash
146
+
AWS_ROLE_ARN=arn:aws:iam::XXXX:role/some-role-in-k8s-service-account AWS_WEB_IDENTITY_TOKEN_FILE=/var/token aws-cli-auth specific | jq .
147
+
```
148
+
149
+
Above is the same as this:
150
+
151
+
```bash
152
+
AWS_ROLE_ARN=arn:aws:iam::XXXX:role/some-role-in-k8s-service-account AWS_WEB_IDENTITY_TOKEN_FILE=/var/token aws-cli-auth specific -m WEB_ID | jq .
153
+
```
154
+
155
+
### Clear
156
+
157
+
```
158
+
Clears any stored credentials in the OS secret store
159
+
160
+
Usage:
161
+
aws-cli-auth clear-cache <flags> [flags]
162
+
163
+
Flags:
164
+
-f, --force If aws-cli-auth exited improprely in a previous run there is a chance that there could be hanging processes left over - this will clean them up forcefully
165
+
-h, --help help for clear-cache
137
166
138
167
Global Flags:
139
168
--cfg-section string config section name in the yaml config file
0 commit comments