I'm using the open-source app, do you store my data online?
The open-source software doesn't transfer, persist, or share anything with other services. All your data is secured and encrypted on your workstation.
Nobody can access it, not even ourselves.
I've got a paid tier, how do you manage my data? Can you access it?
We can't and don't want to see any of your access data.
We need to store your data online to enable some features (syncing, managing other users, etc.) but we implement a Zero-Knowledge encryption system that prevents even ourselves to access your data.
I don't feel secure using a built-in window for authentication, can't you use the default browser?
In the future, Leapp will only use the default browser to authenticate. Right now, this is a compromise to deliver the authentication flow. We already ported the AWS SSO authentication flow on the default browser, and we're working on migrating the other ones as soon as possible.
How can I find Leapp data in the System Vault?
Every key stored by Leapp in the vault is named Leapp. The account name shows the description of the element saved by our software.
Where do I find the Leapp logs?
Head to the Application data section.
SSM terminal is opening but no session is starting, what can I do?
Just close the terminal and relaunch the SSM command.
AWS CLI (or AZ CLI) is installed but Leapp can't find it, what can I do?
Leapp on macOS works in sandbox mode, so some terminal commands must be symlinked in order to work on some installations. Just make a symlink pointing from
/usr/local/bin/aws to the actual
aws binary or, for AZ CLI, from
/usr/local/bin/az to the actual
az binary. To create symlinks on macOS, use this command
ln -s /any/file/on/the/disk linked-file. The command is called ln. If used with the option -s it will create a symbolic link in the current directory.
ln -s /path/to/my/aws /usr/local/bin/aws ln -s /path/to/my/az /usr/local/bin/az
I use leapp session current but want to see the alias and not the id.
Setting up leappalias command
Follow these steps to set up the
leappalias command in your Zsh shell:
- Create a script file named
leappalias.shusing a text editor:
#!/bin/bash leapp session current | grep -o "\"alias\":\"[^\"]*" | cut -d '"' -f 4
- Save the file and make it executable by running the following command in the terminal:
chmod +x leappalias.sh
- Move the script to a directory in your system's PATH. For example,
sudo mv leappalias.sh /usr/local/bin/leappalias
- Open your
zshrcfile using a text editor:
- Define an alias for executing the script by adding the following line to the
Save the changes and close the
zshrcfile in the terminal using the following command:
Once you have completed these steps, you can use the
leappalias command in your terminal to extract and display the alias from the output of
leapp session current. Credit goes to bspansinQdo.
How can I add support to a new SAML 2.0 Identity Provider?
To add support to a new SAML 2.0 Identity Provider, you have to perform the following steps:
- create a Fork of the Noovolari/leapp GitHub repository;
- create a Pull Request and set up your local environment following Install dependencies and build packages section of the DEVELOPMENT.md;
- add the Identity Provider-specific authentication URL RegEx filter to the Leapp Core authenticationUrlRegexes Map;
- follow the last part of the Install dependencies and build packages section of the DEVELOPMENT.md to build the solution for both the CLI and the Desktop App;
- push your changes to your forked repository and propose to merge them to the main repository.
If you need more details about the implementation, please check the How to add a new SAML IdP preset authentication URL section of the DEVELOPMENT.md.