Code Monkey home page Code Monkey logo

onelogin-auth-cli's Introduction

OneLogin Auth CLI Tool

Usage

List all profiles:

onelogin-auth list

Configuration

The onelogin auth CLI expects a file config.yaml:

onelogin:
  clientID: clientID of API credential with "Authentication only"
  clientSecret: client Secret of API credential
  accountName: onelogin account name
  durationSeconds: 28800 # duration of the credentials in seconds (or remove for the default of 3600)
accounts:
  - name: myapp-prod
    appID: onelogin app id (e.g. 123456)
    accountID: AWS account ID
    profileName: AWS IAM profile to store credentials in (in ~/.aws/credentials)
  - name: myapp-dev
    appIDsByRole: # optional, if you use different OneLogin apps for different roles
      iam-role-1: onelogin app id (e.g. 123456)
      iam-role-2: onelogin app id (e.g. 123456)
    accountID: AWS account ID
    profileName: AWS IAM profile to store credentials in (in ~/.aws/credentials)
roles:
  - iam-role-1 # role that is configured in onelogin and IAM to use with the onelogin identity provider
  - iam-role-2
defaultRegion: us-east-1

Environment Variables (optional)

If you use external password managers, you can use environment variables to automate the login process.

The following environment variables are supported:

  • EMAIL - email address of the user to login as
  • PASSWORD - password of the user to login as
  • OTP - One Time Password (if MFA is enabled)

If you prefer to specify the path to the config file, you can use the ONELOGIN_AUTH_CLI_CONFIG_FILE environment variable.

Login

onelogin-auth login

You can also list the roles and accounts

Example:

$ onelogin-auth list

Roles:
[0] admin
[1] readonly
Accounts:
[0] myapp-prod

$ onelogin-auth login 1 0

This example will make you login into the myapp-prod account with the readonly role.

onelogin-auth-cli's People

Contributors

wardviaene avatar

Stargazers

avatar

Watchers

avatar avatar

Forkers

alessandromr harnyk

onelogin-auth-cli's Issues

Allow to specify multiple `appID`s depending on role

Problem

Currently, one account can only be associated with one appID. This seems to be an issue, because some configurations a specific appID per each role.

Solution

Allow to optionally specify multiple appIDs depending on role using a map field appIDsByRole in the account struct.

Example:

accounts:
  - name: ACME Dev
    appIDsByRole:
      admin: "123456"
      readonly: "987654"
    accountID: "111111111111"
    profileName: acme-dev

roles:
  - admin
  - readonly

Backwards compatibility

This is backwards compatible, because if appIDsByRole is not specified, the appID field is used.

Add GoReleaser

Problem

Currently, we have to manually build and upload the binaries for each release.

Solution

Use GoReleaser to automate the release process.

Notes

Release workflow after this PR

  • Create a new tag
  • Push the tag
  • GoReleaser will build and upload the binaries to GitHub

Notes:

  • The tag must be in the format vX.Y.Z (e.g. v1.2.3)
  • The binaries will be uploaded to GitHub under the release with the same name as the tag
  • Release notes will be generated from the PRs merged since the last release, so take care to write good PR titles and descriptions

Allow to override a path to config file

Problem

Currently, the path to the config file is hardcoded to ./config.yaml and is searched in the current directory.

This behavior is convenient when there are multiple companies and each company has its own config file in a separate directory.

But for a client with a single company, it is inconvenient to have to call the program from the specific directory every time.

Solution

Add a new environment variable ONELOGIN_AUTH_CLI_CONFIG_FILE that, when set, will override the default path to the config file.

A user can set this variable in the shell profile and then call the program from any directory.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.