diff --git a/CHANGELOG.md b/CHANGELOG.md index bd63dde..10007f9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,11 +1,10 @@ # Changelog -## 2.0.0 (TBD) +## 2.0.0 (January 25, 2024) -NOTE: These are the expected 2.0.0 release items; see 2.0.0-beta.X notes for -incremental changes during beta development +V2 GA Release 🎉🎉 -### (completed) New commands +### New commands `okta-aws-cli`'s functions are encapsulated as (sub)commands e.g. `$ okta-aws-cli [sub-command]` @@ -15,7 +14,7 @@ incremental changes during beta development | `m2m` | Machine/headless oriented retrieval of temporary IAM credentials through Okta authentication with a private key. | | `debug` | Debug okta.yaml config file and exit. | -### (completed) Environment variable name changes +### Environment variable name changes A small number of environment variable names have been renamed to be consistent in the naming convention for `okta-aws-cli` specific names. @@ -26,7 +25,7 @@ in the naming convention for `okta-aws-cli` specific names. | `OKTA_OIDC_CLIENT_ID` | `OKTA_AWSCLI_OIDC_CLIENT_ID` | | `OKTA_AWS_ACCOUNT_FEDERATION_APP_ID` | `OKTA_AWSCLI_AWS_ACCOUNT_FEDERATION_APP_ID` | -### (completed) Process credential provider output as JSON +### Process credential provider output as JSON Emits IAM temporary credentials as JSON in [process credentials](https://docs.aws.amazon.com/sdkref/latest/guide/feature-process-credentials.html) @@ -39,7 +38,7 @@ format. credential_process = okta-aws-cli m2m --format process-credentials ``` -### (completed) Execute follow-on command +### Execute follow-on command Instead of scripting and/or eval'ing `okta-aws-cli` into a shell and then running another command have `okta-aws-cli` run the command directly passing @@ -53,7 +52,7 @@ $ okta-aws-cli web \ --exec -- aws ec2 describe-instances ``` -### (completed) Collect all roles for all AWS Fed Apps (IdP) at once +### Collect all roles for all AWS Fed Apps (IdP) at once `okta-aws-cli web` will collect all available AWS IAM Roles for all Okta AWS Federation apps (IdP) at once. This is a feature specific to writing the @@ -81,7 +80,7 @@ Updated profile "devorg-idp2-role1" in credentials file "/Users/me/.aws/credenti Updated profile "prodorg-idp1-role1" in credentials file "/Users/me/.aws/credentials". ``` -### (completed) Alternate web browser open command +### Alternate web browser open command The `web` command will open the system's default web browser when the `--open-browser` flag is present. It is convenient to have the browser open on a @@ -104,7 +103,30 @@ $ okta-aws-cli web \ --open-browser-command "/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --profile-directory=\"Profile\ 1\"" ``` -### (completed) Friendly label matching with regular expressions +Windows examples +``` +> okta-aws-cli web \ + --oidc-client-id abc \ + --org-domain test.okta.com \ + --open-browser-command "cmd.exe /C start msedge" + +> okta-aws-cli web \ + --oidc-client-id abc \ + --org-domain test.okta.com \ + --open-browser-command "cmd.exe /C start chrome" + +> okta-aws-cli web \ + --oidc-client-id abc \ + --org-domain test.okta.com \ + --open-browser-command "cmd.exe /C start chrome --incognito" + +> okta-aws-cli web \ + --oidc-client-id abc \ + --org-domain test.okta.com \ + --open-browser-command "cmd.exe /C start chrome --profile-directory=\"Profile\ 1\"" +``` + +### Friendly label matching with regular expressions Friendly label matching for IdPs and Roles with `$HOME/.okta/okta.yaml` file can be regular expressions. diff --git a/README.md b/README.md index 8f06b88..34bf1c6 100644 --- a/README.md +++ b/README.md @@ -763,6 +763,7 @@ Updated profile "prod-org-containerops-eks-full" in credentials file "/Users/me/ `okta-aws-cli web` can have it's open browser command customized. +#### OSX / MacBook ``` # OSX examples, the device authorization URL is appended to the browser args. @@ -777,6 +778,35 @@ $ okta-aws-cli web \ --open-browser-command "open -na \"Google\ Chrome\" --args --incognito" ``` +#### Windows + +``` +REM Windows examples, the device authorization URL is appended to the browser +REM args using cmd.exe with the run command flag /C used to spawn the browser +REM that is installed on the host OS e.g. medge, chrome, firefox . Additional +REM arguments can be passed on to the browser command that are valid for it. + +> okta-aws-cli web \ + --oidc-client-id abc \ + --org-domain test.okta.com \ + --open-browser-command "cmd.exe /C start msedge" + +> okta-aws-cli web \ + --oidc-client-id abc \ + --org-domain test.okta.com \ + --open-browser-command "cmd.exe /C start chrome" + +> okta-aws-cli web \ + --oidc-client-id abc \ + --org-domain test.okta.com \ + --open-browser-command "cmd.exe /C start chrome --incognito" + +> okta-aws-cli web \ + --oidc-client-id abc \ + --org-domain test.okta.com \ + --open-browser-command "cmd.exe /C start chrome --profile-directory=\"Profile\ 1\"" +``` + ### Help ```shell