Updates for Granted v0.20.0 (#301)

common-fate · Nov 23, 2023 · 6953375 · 6953375
1 parent 1096430
commit 6953375
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 1 deletion.
diff --git a/docs/granted/configuration.md b/docs/granted/configuration.md
@@ -24,6 +24,10 @@ The configuration settings for Granted are stored within the `$HOME/.granted` fo
 
 - **Usage Tips and Credential Caching**: The `DisableUsageTips` option, when set to true, suppresses usage tips. The `DisableCredentialProcessCache` option, when set to true, prevents credential caching via credential processes.
 
+- **Export All Environment Variables**: The `DefaultExportAllEnvVar=true` configuration exports all environment variables by default when the `credential_process` is used.
+
+- **Export Credentials To AWS**: The `ExportCredsToAWS=true` configuration will enable credentials to be exported to `~/.aws/credentials` by default.
+
 To configure any of these options, you can use the following command:
 
 ```

diff --git a/docs/granted/recipes/credential-process.md b/docs/granted/recipes/credential-process.md
@@ -56,4 +56,4 @@ Additionally, if you would like to use Glide for turn-key access requests, we su
 
 ## Assuming roles with Credential Process
 
-When assuming roles via the credential process, we have improved the process by introducing automatic credential renewal. By default, only the `AWS_PROFILE` environment variable is exported when you run `assume <credential-process-profile>`. If you wish to export all variables, you can do so by using the `--export-all-env-vars` flag when executing the assume command.
+When assuming roles via the credential process, we have improved the process by introducing automatic credential renewal. By default, only the `AWS_PROFILE` environment variable is exported when you run `assume <credential-process-profile>`. If you wish to export all variables, you can do so by using the `--export-all-env-vars` or `-x` flag when executing the assume command. You can also include the `DefaultExportAllEnvVar=true` configuration in your `~/.granted/config` to export all environment variables by default.
diff --git a/docs/granted/recipes/inline-role-assumption.md b/docs/granted/recipes/inline-role-assumption.md
@@ -0,0 +1,15 @@
+# Inline Role Assumption
+
+## `--chain` flag
+
+In some edge cases, you may have roles which you have access to, but do not have a pre-configured profile. You can use the `--chain` flag to assume another role inline. This feature can be utilized in conjunction with either the `--exec` option or as part of a regular profile definition.
+
+```
+assume <base-profile> --chain arn:aws:iam::12345678912:role/aws-example --exec -- aws sts get-caller-identity
+```
+
+or
+
+```
+assume <base-profile> --chain arn:aws:iam::12345678912:role/aws-example
+```
Original file line number	Diff line number	Diff line change
Expand Up		@@ -56,4 +56,4 @@ Additionally, if you would like to use Glide for turn-key access requests, we su

		## Assuming roles with Credential Process

		When assuming roles via the credential process, we have improved the process by introducing automatic credential renewal. By default, only the `AWS_PROFILE` environment variable is exported when you run `assume <credential-process-profile>`. If you wish to export all variables, you can do so by using the `--export-all-env-vars` flag when executing the assume command.
		When assuming roles via the credential process, we have improved the process by introducing automatic credential renewal. By default, only the `AWS_PROFILE` environment variable is exported when you run `assume <credential-process-profile>`. If you wish to export all variables, you can do so by using the `--export-all-env-vars` or `-x` flag when executing the assume command. You can also include the `DefaultExportAllEnvVar=true` configuration in your `~/.granted/config` to export all environment variables by default.