Merge pull request #32 from okta/prep_v0_1_0_GA

GA v0.1.0 release

CHANGELOG.md

@@ -1,5 +1,35 @@
 # Changelog
 
+## 0.1.0 (December 21, 2022)
+
+First GA release
+
+# NEW FEATURES
+
+* Auto pop system web browser to device authorization form when `--open-browser` CLI flag is present - PR [#21](https://github.com/okta/okta-aws-cli/pull/21)
+  * Thanks [@kda-jt](https://github.com/kda-jt), [@monde](https://github.com/monde)!
+* Full multiple AWS Federation Applications support - see [README - Multiple AWS environments](https://github.com/okta/okta-aws-cli/#multiple-aws-environments) - [#28](https://github.com/okta/okta-aws-cli/pull/28)
+  * Thanks [@monde](https://github.com/monde)!
+* Write/update (instead of append) AWS Crendentials file when `--write-aws-credentials` CLI flag is present - PR [#30](https://github.com/okta/okta-aws-cli/pull/30)
+  * Thanks [@ctennis](https://github.com/ctennis), [@monde](https://github.com/monde)!
+
+### ENHANCEMENTS
+
+* Print response body with error message when API error occurs [#22](https://github.com/okta/okta-aws-cli/pull/22)
+  * Thanks [@ctennis](https://github.com/ctennis)!
+* Don't render ncurses select menu for IdP or Role when there is only one item to choose from [#25](https://github.com/okta/okta-aws-cli/pull/25)
+  * Thanks [@ctennis](https://github.com/ctennis)!
+* Document policy recommendation for AWS Fed App and OIDC Native App
+* Document need for `AWS_REGION` env variable if AWS IdP is in a non-commercial AWS region
+* Auto-correct org domain when it is in admin form - `ORGNAME-admin.okta.com` to `ORGNAME.okta.com`
+* Illustrate `make tools` is used to install the tools the Makefile makes use of
+* Notorizing OSX x86_64 and arm64 binaries
+
+### BUG FIXES
+
+* Correctly write creds file when `AWS_CREDENTIALS` env var is set
+* `AWS_PROFILE` is unnecessary in env var output
+
 ## 0.0.4 (October 24, 2022)
 
 * Configurable AWS Session TTL `--session-duration [value]` [#14](https://github.com/okta/okta-aws-cli/pull/14). Thanks, [@tim-fitzgerald](https://github.com/tim-fitzgerald)!

README.md

@@ -25,6 +25,7 @@ $ eval `okta-aws-cli` && aws s3 ls
 ```
 
 * [Requirements](#requirements)
+* [Recommendations](#recommendations)
 * [Configuration](#configuration)
 * [Operation](#operation)
 * Comparison
@@ -73,8 +74,9 @@ URL below. Then follow the directions in that wizard.
 ### Multiple AWS environments
 
 To support multiple AWS environments, associate additional AWS Federation
-applications with the OIDC app. The following is an illustration of the
-association of objects that make up this kind of configuration.
+applications with the OIDC app The OIDC app **must** have the `okta.apps.read`
+grant. The following is an illustration of the association of objects that make
+up this kind of configuration.
 
 ![okta-aws-cli supporting multiple AWS environments](./doc/multi-aws-environments.jpg)
 
@@ -95,9 +97,16 @@ association of objects that make up this kind of configuration.
 
 ![conclusion](./doc/example-conclusion.png)
 
+## Recommendations
+
+We recommend that the AWS Federation Application and OIDC native application
+have equivalent policies if not share the same policy. If the AWS Federation
+app has more stringent assurance requirements than the OIDC app a `400 Bad
+Request` API error is likely to occur.
+
 ## Configuration
 
-**Note**: If your AWS IAM IdP is in a non-commerical region, such as GovCloud,
+**Note**: If your AWS IAM IdP is in a non-commercial region, such as GovCloud,
 the environmental variable
 [`AWS_REGION`](https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html)
 should be set
@@ -139,7 +148,7 @@ Also see the CLI's online help `$ okta-aws-cli --help`
 | Display QR Code (optional) | QR_CODE | `--qr-code` | `true` if flag is present  |
 | Automatically open the activation URL with the system web browser (optional) | OPEN_BROWSER | `--open-browser` | `true` if flag is present  |
 | Alternate AWS credentials file path (optional) | AWS_CREDENTIALS | `--aws-credentials` | Path to alternative credentials file other than AWS CLI default |
-| Write to the AWS credentials file (optional). Default formatting is to append and not modify the file beyond adding new lines. WARNING: When enabled, writing can inadvertantly remove dangling comments and extraneous formatting from the creds file. | WRITE_AWS_CREDENTIALS | `--write-aws-credentials` | `true` if flag is present  |
+| Write to the AWS credentials file (optional). Default formatting is to append and not modify the file beyond adding new lines. WARNING: When enabled, writing can inadvertently remove dangling comments and extraneous formatting from the creds file. | WRITE_AWS_CREDENTIALS | `--write-aws-credentials` | `true` if flag is present  |
 
 ### Allowed Web SSO Client
 

cmd/root/root.go

@@ -133,7 +133,7 @@ func init() {
 			name:   "write-aws-credentials",
 			short:  "z",
 			value:  false,
-			usage:  fmt.Sprintf("Write the created/updated profile to the %q file. WARNING: This can inadvertantly remove dangling comments and extraneous formatting from the creds file.", awsCredentialsFilename),
+			usage:  fmt.Sprintf("Write the created/updated profile to the %q file. WARNING: This can inadvertently remove dangling comments and extraneous formatting from the creds file.", awsCredentialsFilename),
 			envVar: "WRITE_AWS_CREDENTIALS",
 		},
 	}

internal/config/config.go

@@ -27,7 +27,7 @@ import (
 
 const (
 	// Version The version of the CLI
-	Version      = "0.0.4"
+	Version      = "0.1.0"
 	awsCrentials = "aws_credentials"
 )