GithubHelp home page GithubHelp logo

tchigher / aws-extend-switch-roles Goto Github PK

View Code? Open in Web Editor NEW

This project forked from tilfinltd/aws-extend-switch-roles

0.0 0.0 0.0 779 KB

Extend your AWS IAM switching roles by Chrome extension or Firefox add-on

Home Page: https://goo.gl/0QFjow

License: MIT License

JavaScript 85.90% HTML 12.25% Shell 1.85%

aws-extend-switch-roles's Introduction

AWS Extend Switch Roles

Build Status codecov Chrome Web Store Firefox Add-on

Extend your AWS IAM switching roles by Chrome extension or Firefox add-on

Switch roll history does not remain only 5 maximum on the AWS Management Console. This extension extends to show more switch roles by loading your aws configuration. The bottom of the console header is emphasized with your specified color if you assume a cross account role.

  • Supports Chrome Sync

Install

AWS Extend Switch Roles - Chrome Web Store

AWS Extend Switch Roles :: Add-ons for Firefox

Configuration

Click Browser button, edit your profile settings to text area in popup form and save.

Supports ~/.aws/config format and like ~/.aws/credentials

Simple Configuration

The simplest configuration is for multiple target roles when you always intend to show the whole list. Target roles can be expressed with a role_arn or with both aws_account_id and role_name.

Optional parameters

  • color - The RGB hex value (without the prefix '#') for the color of the header bottom border and around the current profile.
  • region - Changing the region whenever switching the role if this parameter is specified.
  • image - The uri of an image to use on top of any color attribute supplied. The color and image are not mutually exclusive.
[profile marketingadmin]
role_arn = arn:aws:iam::123456789012:role/marketingadmin
color = ffaaee

[anotheraccount]
aws_account_id = 987654321987
role_name = anotherrole
region=ap-northeast-1

[athirdaccount]
aws_account_id = 987654321988
role_name = athirdrole
image = "https://via.placeholder.com/150"

Complex Configuration

More complex configurations involve multiple AWS accounts and/or organizations.

  • A profile that has only aws_account_id (without a role_name) is defined as base account.

  • If your account is aliased, the alias will be shown in the role dropdown after 'Account:'. You MUST use that alias as the aws_account_id for the base account instead of the numerical account id or your configuration won't work as expected.

  • A target role is associated with a base account by the target role specifying a source_profile.

  • As above, target roles can be expressed with a role_arn or with both aws_account_id and role_name and can optionally pass the optional parameters.

  • If target_role_name is set in base account, the value is provided as the default role name for each target roles.

[organization1]
aws_account_id = your-account-alias

[Org1-Account1-Role1]
role_arn = arn:aws:iam::123456789012:role/Role1
source_profile = organization1

[Org1-Account1-Role2]
aws_account_id = 123456789012
role_name = Role2
source_profile = organization1

[Org1-Account2-Role1]
aws_account_id = 210987654321
role_name = Role1
source_profile = organization1

[baseaccount2]
aws_account_id = 000000000000

[Base2-Role1]
role_arn = arn:aws:iam::234567890123:role/Role1
source_profile = baseaccount2

[AnotherRole]
role_name = SomeOtherRole
aws_account_id = account-3-alias

;
; target_role_name example
;
[Org2-BaseAccount]
aws_account_id = 222200000000
target_role_name = Developer

[Org2-Account1-Developer]
aws_account_id = 222200001111
source_profile = Org2-BaseAccount

[Org2-Account2-Manager]
aws_account_id = 222200002222
role_name = Manager ; overrides target role name
source_profile = Org2-BaseAccount

If you sign-in a base account, target roles of the other base accounts are excluded.

The 'Show only matching roles' setting is for use with more sophisticated account structures where you're using AWS Organizations with multiple accounts along with AWS Federated Logins via something like Active Directory or Google GSuite. Common practice is to have a role in the master account that is allowed to assume a role of the same name in other member accounts. Checking this box means that if you're logged in to the 'Developer' role in the master account, only member accounts with a role_arn ending in 'role/Developer' will be shown. You won't see roles that your current role can't actually assume.

Settings

  • Hide original role history hides original role history (Show only roles in the configuration).
  • Hide account id hides the account_id for each profile.
  • Show only matching roles filters to only show profiles with roles that match your role in your master account.
  • Automatically assume last assumed role (Experimental) automatically assumes last assumed role on the next sign-in if did not back to the base account and signed out.

Extension API

  • Config sender extension allowed by the ID can send your switch roles configuration to this extension. See how to make your config sender extension.

Donation

Would you like to support this extension? I gladly accept small donations.

Donate $5 via PayPal.Me

Donate with bitcoin Bitcoin: 1C346W5vXaH7DjCyUUYeCj4GuXMTbNbLjk

Appearance

Screen Shot 1

Screen Shot 2

Screen Shot 3

aws-extend-switch-roles's People

Contributors

heldersepu avatar hraban avatar int32bit avatar naydichev avatar robsweet avatar taranovalexander avatar tilfin avatar timcleaver avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.