Skip to content

Zero-Configuration AWS SSO Identity Management: identity containing dots break it.Β #2128

New issue
New issue
Open
#2129
Open
Zero-Configuration AWS SSO Identity Management: identity containing dots break it.#2128
#2129
Assignees
ostermancopilot-swe-agent
Labels
bugπŸ› An issue with the system
@afeblot

Description

@afeblot
afeblot
opened on Mar 3, 2026

Describe the Bug

Testing

auth:
  providers:
    sso-prod:
      kind: aws/iam-identity-center
      start_url: https://my-org.awsapps.com/start
      region: us-east-1
      auto_provision_identities: true  # One line to enable

I do get a list of identities in ~/.cache/atmos/auth/sso-prod/provisioned-identities.yaml.

Some of them contains dots, e.g.

        product.usa/ReadOnlyAccess: # <=== The "." here breaks it
            kind: aws/permission-set
            provider: sso-prod
            via:
                provider: sso-prod
            principal:
                account:
                    id: "000000000000"
                    name: product.usa
                name: ReadOnlyAccess

Which atmos does not support:

$ atmos auth list
   Initialize Identities 

   Error: invalid identity kind
  
  ## Explanation

   unsupported identity kind:

   Initialize Identities 

   Error: failed to initialize identities: invalid identity config: identity=product: invalid identity kind: unsupported identity kind:

   Error 

   Error: invalid auth config: failed to create auth manager: failed to initialize identities: invalid identity config: identity=product: invalid identity kind: unsupported identity kind:

Expected Behavior

it works :-)

Steps to Reproduce

Cf .bug description

Screenshots

No response

Environment

atmos 1.207.0

Additional Context

No response

Metadata

Metadata

Assignees

Labels

bugπŸ› An issue with the system

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions