Merge pull request #165 from roboll/govcloud-arns

allow govcloud style arns
cevoaustralia · Apr 13, 2020 · 2d90c20 · 2d90c20
2 parents db3a92d + f5b10b2
commit 2d90c20
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/aws_google_auth/amazon.py b/aws_google_auth/amazon.py
@@ -79,7 +79,7 @@ def roles(self):
         doc = etree.fromstring(self.saml_xml)
         roles = {}
         for x in doc.xpath('//*[@Name = "https://aws.amazon.com/SAML/Attributes/Role"]//text()'):
-            if "arn:aws:iam:" in x:
+            if "arn:aws:iam:" in x or "arn:aws-us-gov:iam:" in x:
                 res = x.split(',')
                 roles[res[0]] = res[1]
         return roles

diff --git a/aws_google_auth/configuration.py b/aws_google_auth/configuration.py
@@ -130,7 +130,7 @@ def raise_if_invalid(self):
         # role_arn (Can be blank, we'll just prompt)
         if self.role_arn is not None:
             assert (self.role_arn.__class__ is str), "Expected role_arn to be None or a string. Got {}.".format(self.role_arn.__class__)
-            assert ("arn:aws:iam::" in self.role_arn), "Expected role_arn to contain 'arn:aws:iam::'. Got '{}'.".format(self.role_arn)
+            assert ("arn:aws:iam::" in self.role_arn or "arn:aws-us-gov:iam::" in self.role_arn), "Expected role_arn to contain 'arn:aws:iam::'. Got '{}'.".format(self.role_arn)
 
         # u2f_disabled
         assert (self.u2f_disabled.__class__ is bool), "Expected u2f_disabled to be a boolean. Got {}.".format(self.u2f_disabled.__class__)