Expand description
§awscloud_sso_cred_helper
A crate for managing AWS Single Sign-On (SSO) workflows.
This crate provides utilities for retrieving AWS credentials for multiple accounts and roles via AWS SSO. It integrates with the AWS SSO OIDC workflow and fetches temporary credentials for accounts and roles assigned to a user.
§Requirements
- AWS SSO must be enabled for your AWS organization.
- A valid AWS SSO start URL and region are required.
- The
~/.aws/credentialsfile will be updated with the fetched credentials. - Access to the device authorization page via a web browser.
§Examples
§Interactive Usage
use awscloud_sso_cred_helper::AwsSsoWorkflow;
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
// With no parameters provided, the workflow will prompt interactively.
let mut workflow = AwsSsoWorkflow::default();
let credential = workflow.run_workflow().await?;
println!("Account ID: {}", credential.account_id);
println!("Role Name: {}", credential.role_name);
println!("Access Key ID: {}", credential.access_key_id);
println!("Secret Access Key: {}", credential.secret_access_key);
println!("Session Token: {}", credential.session_token);
Ok(())
}§Non-interactive Usage (Providing Options)
You can also supply the start URL and region directly:
use awscloud_sso_cred_helper::AwsSsoWorkflow;
#[tokio::main]
async fn main() -> Result<(), Box<dyn std::error::Error>> {
// Construct the workflow with the start URL and region pre-supplied.
let mut workflow = AwsSsoWorkflow {
start_url: "https://your.awsapps.com/start".into(),
region: "eu-west-1".into(),
..Default::default()
};
let credential = workflow.run_workflow().await?;
println!("Account ID: {}", credential.account_id);
println!("Role Name: {}", credential.role_name);
println!("Access Key ID: {}", credential.access_key_id);
println!("Secret Access Key: {}", credential.secret_access_key);
println!("Session Token: {}", credential.session_token);
Ok(())
}§License
MIT License or https://opensource.org/licenses/MIT