AESR S3 Config Sender is a Google Chrome extension that enables you to easily update your AESR configuration by pulling the latest configuration from an S3 bucket.
You can download the latest stable version from the Chrome Web Store here.
- Download the latest build.
- Extract the contents of the ZIP file to a local directory on your computer.
- Open Google Chrome and type
chrome://extensionsin the address bar. - Turn on the "Developer mode" toggle switch (if it's not already on).
- Click the "Load unpacked" button and select the directory where you extracted the extension in step 2.
- The extension should now be loaded as an u npacked extension and ready to use.
The Security Token Service (STS) from AWS provides an API action assumeRoleWithSAML. Using the SAML Assertion given by your IDP, the Chrome Extension will call this API action to fetch temporary credentials. (AccessKeyId, SecretAccessKey and SessionToken). This way, there is no need to create some anonymous user in AWS IAM used for executing scripts. This Chrome Extension, however, will make it super easy for you to use your corporate identity for making requests to an S3 bucket for the AWS Extend Switch Roles extension.
| Field Name | Description | Example |
|---|---|---|
| AESR Extension ID | The chrome extension ID of AWS Extend Switch Roles | jpmkfafbacpgapdghgdpembnojdlgkdl |
| Region | The region where the AWS S3 objects are stored. | us-west-2 |
| Bucket Name | The name of the S3 bucket where the AWS configuration file is stored. | my-s3-bucket |
| File Key | The object key for the AESR configuration file stored in the S3 bucket. | configs/my-aws-config.ini |
Sign into AWS using SSO, and the extension will capture the SAML response automatically. Ensure that the user you are signing into has the access required to the bucket where your configuration is stored.
Originally, this project utilised Cognito for authentication. This methodology has since been deprecated, and has since been replaced by the use of AWS STS.
To save a new AWS configuration profile, click Save Profile.
To delete an existing AESR S3 Config Sender profile, select it from the dropdown list, and click the "Delete Profile" button.
To set a default AESR S3 Config Sender profile, select it from the dropdown list, and click the "Set Default Profile" button. The default profile will be saved to your browser's local storage.
To pull the latest AWS configuration from an S3 bucket, enter the required information in the fields and click the "Pull S3 Config" button. The latest configuration will be displayed in the text area below.
Failures to pull the config are generally related to either Bucket Policy, IAM permissions, or the CORS policy from the bucket. You will see a log to the console regarding this.
To send the AWS configuration to AWS Extend Switch Roles, enter the chrome extension ID of AWS Extend Switch Roles. Then copy the AESR Config Sender ID, and put this in the Config sender extension ID: field in AWS Extend Switch Roles. Once these are saved, in future you can just click the Push to AESR button.
This section guides you through the process of building the project from the source code. Please follow these steps carefully to ensure a successful build.
Before you begin, ensure that you have Node.js version 20.x installed on your Linux system. This is a necessary prerequisite for the build process. You can download and install Node.js from here.
- Open your terminal.
- Clone the repository by running the following command:
git clone [email protected]:XargsUK/aesr-s3-config-sender.git
After cloning the repository, navigate to the project directory:
cd aesr-s3-config-sender
This step is crucial as the build script must be run from the root of the project directory.
- In the project directory, you will find a build script named build.sh. This script is used to build the project for different environments.
- While in the project root, execute the following command:
./bin/build.sh <chrome|firefox>
Replace <chrome|firefox> with the target platform for which you are building. For example, use chrome to build for Google Chrome or firefox for Mozilla Firefox.
This command builds the project and places the output in the dist/ directory.
After the build process completes, you will find the built project in the dist/ directory. This directory contains the compiled code ready for deployment or further testing.
Contributions are welcome! If you find a bug or have a feature request, please open an issue or submit a pull request on GitHub.
This project is licensed under the MIT License.
Please note that this is subject to change depending on the specific license chosen for the project.
AWS Extend Switch Roles was developed and distributed by tilfinltd, who without their work, this plugin wouldn't have been possible. I would like to acknowledge and thank tilfinltd for their contribution.