Granted's Profile Registry

Managing AWS SSO profiles across your team can be hard. Here to make your life a whole lot easier - Granted's Profile Registry!

 min read

How many times have you copy-pasted your local AWS SSO profiles to your team members because the ones they had were outdated? We get it. We have been there ourselves. Consistently sharing AWS profiles needs a defined workflow when you have a large number of AWS Permission Roles.

To alleviate this and to ease the onboarding of new members to your team effortlessly, we have introduced a new feature of Granted: Profile Registry.

The idea is to create a git repository (a profile registry) which is a central store of AWS profile configuration. Any changes to the AWS config will now not only be consistent but also version controlled and reviewed. You can now let Granted sync the config to your local machine and update your local AWS config file regularly. 🎉

If you have a monorepo setup with multiple config files dedicated to subset of your engineering team then you can only sync those profiles by specifying them in granted.yml config file like this:

awsConfig:
  - ./devFolder/feat1Config
  - ./devFolder/feat2Config

This will now only sync “feat1config” & “feat2config” files inside “devFolder” when user runs the following command:

granted registry add

Usage Guide:

  1. If you are new to Granted then follow this link for installation.
  2. To create a Profile Registry and copy the contents of your local AWS config file into Granted, run the command below. This will create a new granted-registry folder with a granted.yml anconfig file. Now, push this to your git hosting service.
granted registry setup
  1. You can add any git-based repository to Granted's Profile Registry. By default, Granted looks for a granted.yml file in the root of the repository. To add a repository to Granted's Profile Registry, run the following command:
granted registry add ${YOUR-REPO-GIT-URL}.git

Granted allows you to specify a repository subfolder for your Profile Registry's configuration. Should you wish to specify a subfolder, run:

granted registry add ${YOUR-REPO-GIT-URL}.git/${subfolder}

Granted allows you to specify an alternative YAML file for your Profile Registry's configuration. Should you wish to specify a different YAML file, run:

granted registry add ${YOUR-REPO-GIT-URL}.git/${subfolder}/${filename.yml}

For more details, you can always checkout our documentation or join our Slack community.