扩展简介
Switch role history does not remain only five maximum on the AWS Management Console. This extension gives you show all of switch roles from a browse menu by loading your aws configuration.
## Configuration
### Simple Configuration
The simplest configuration is for multiple **target roles** when you always intend to show the whole list. **Target roles** can be expressed with a `role_arn` or with both `aws_account_id` and `role_name`.
#### Optional parameters
* `color` – The RGB hex value (without the prefix '#') for the color of the header bottom border and around the current profile.
* `region` – Changing the region whenever switching the role if this parameter is specified.
* `image` – The uri of an image to use on top of any color attribute supplied. The color and image are not mutually exclusive.
“`
[profile marketingadmin]
role_arn = arn:aws:iam::123456789012:role/marketingadmin
color = ffaaee
[anotheraccount]
aws_account_id = 987654321987
role_name = anotherrole
region=ap-northeast-1
[athirdaccount]
aws_account_id = 987654321988
role_name = athirdrole
image = "https://via.placeholder.com/150"
“`
### Complex Configuration
More complex configurations involve multiple AWS accounts and/or organizations.
– A profile that has only `aws_account_id` (without a `role_name`) is defined as **base account**.
– **If your account is aliased, the alias will be shown in the role dropdown after 'Account:'. You MUST use that alias as the aws_account_id for the base account instead of the numerical account id or your configuration won't work as expected.**
– A **target role** is associated with a **base account** by the **target role** specifying a `source_profile`.
– As above, **target roles** can be expressed with a `role_arn` or with both `aws_account_id` and `role_name` and can optionally pass the optional parameters.
– If `target_role_name` is set in **base account**, the value is provided as the default role name for each **target roles**.
“`
[organization1]
aws_account_id = your-account-alias
[Org1-Account1-Role1]
role_arn = arn:aws:iam::123456789012:role/Role1
source_profile = organization1
[Org1-Account1-Role2]
aws_account_id = 123456789012
role_name = Role2
source_profile = organization1
[Org1-Account2-Role1]
aws_account_id = 210987654321
role_name = Role1
source_profile = organization1
[baseaccount2]
aws_account_id = 000000000000
[Base2-Role1]
role_arn = arn:aws:iam::234567890123:role/Role1
source_profile = baseaccount2
[AnotherRole]
role_name = SomeOtherRole
aws_account_id = account-3-alias
;
; target_role_name example
;
[Org2-BaseAccount]
aws_account_id = 222200000000
target_role_name = Developer
[Org2-Account1-Developer]
aws_account_id = 222200001111
source_profile = Org2-BaseAccount
[Org2-Account2-Manager]
aws_account_id = 222200002222
role_name = Manager ; overrides target role name
source_profile = Org2-BaseAccount
“`
If you sign-in a base account, target roles of the other base accounts are excluded.
For more information, please visit the homepage.
发表评论