# # vim:ts=4:sts=4:sw=4:et:filetype=dosini # # Author: Hari Sekhon # Date: Thu Jul 22 19:17:20 2021 +0100 # # https://github.com/HariSekhon/DevOps-Bash-tools # # License: see accompanying Hari Sekhon LICENSE file # # If you're using my code you're welcome to connect with me on LinkedIn and optionally send me feedback to help steer this or other code I publish # # https://www.linkedin.com/in/harisekhon # # ============================================================================ # # A W S C L I C o n f i g u r a t i o n # ============================================================================ # # https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-files.html # can configure via this command which prompts for access keys, region, output: # # aws configure # make this go nowhere for safety - do not populate ~/.aws/credentials section for [default] [default] region = eu-west-2 output = json # root mgmt account of Organization where AWS SSO lives [mgmt] region = eu-west-2 output = json # ============================================================================ # # S S O E n v i r o n m e n t s # ============================================================================ # # https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html # can configure via this command which will give you a drop down of the accounts available to fill in the sso account id settings: # # aws configure sso [dev] so_start_url = https://a-xxxxxxxxxx.awsapps.com/start # or custom URL sso_region = eu-west-2 sso_account_id = nnnnnnnnnnnn sso_role_name = AWSAdministratorAccess region = eu-west-2 output = json [staging] so_start_url = https://a-xxxxxxxxxx.awsapps.com/start sso_region = eu-west-2 sso_account_id = nnnnnnnnnnnn sso_role_name = AWSAdministratorAccess region = eu-west-2 output = json [production] so_start_url = https://a-xxxxxxxxxx.awsapps.com/start sso_region = eu-west-2 sso_account_id = nnnnnnnnnnnn sso_role_name = AWSAdministratorAccess region = eu-west-2 output = json