Skip to content

Commit

Permalink
Provide an admin policy for federated login
Browse files Browse the repository at this point in the history
  • Loading branch information
lox committed Jan 24, 2017
1 parent add1ca4 commit addb646
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions login.go
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,8 @@ import (
"gopkg.in/alecthomas/kingpin.v2"
)

const allowAllIAMPolicy = `{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":"*","Resource":"*"}]}`

type LoginCommandInput struct {
Profile string
Keyring keyring.Keyring
Expand Down Expand Up @@ -174,6 +176,7 @@ func getFederationToken(creds credentials.Value, d time.Duration) (*sts.Credenti
params := &sts.GetFederationTokenInput{
Name: aws.String("federated-user"),
DurationSeconds: aws.Int64(int64(d.Seconds())),
Policy: aws.String(allowAllIAMPolicy),
}

if username, _ := getUserName(creds); username != "" {
Expand Down

0 comments on commit addb646

Please sign in to comment.