📝 Fill in config.properties documentation #112
Conversation
- Document OKTA_PROFILE - Document OKTA_BROWSER_AUTH
|
@slancio do these docs make sense to you? I was inspired by your change to catch up on docs I forgot to add. |
|
The docs make sense but I'm confused about OKTA_PROFILE. I'm using an old version that I distributed to my engineers and the profile names are in the format |
|
@slancio good point. Random isn’t really the word. It’s more accurate to say they’re generated. OKTA_PROFILE is intended to support external tools like Terraform where you need a specifically named profile instead of a generated profile name. It also allows this tool to be used with boto3 or other downstream AWS SDKs that can use named profiles. I’ve personally used it with Java, Python, PowerShell, and Haskell programs in this way. |
|
We use terraform with this a lot and the advice that we give is to either set the AWS_PROFILE/AWS_DEFAULT_PROFILE envvars to the generated profile name (because that name does not change), use the terraform aws iam profile resource, or specify the profile name in the terraform aws provider. As long as the AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY envvars are clear, the envvar suggestion should work in any language using the standard libraries for working with AWS. |
|
Neat! I didn’t know that. I’ve been so focused on the Okta side of this, that I haven’t dug into Terraform much yet. I didn’t realize it had —profile switch support on the CLI! |
|
Sorry, i mispoke about profile switch support (i thought it did) hence the edit. envvar and in terraform config only. |
|
This makes sense to me! |
* 📝 Fill in config.properties documentation - Document OKTA_PROFILE - Document OKTA_BROWSER_AUTH * 🎨 Clarify OKTA_PROFILE explanation
Problem Statement
Some properties in config.properties aren't documented.
Solution
Add documentation for OKTA_PROFILE and OKTA_BROWSER_AUTH.