New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Issues with SSO-based source_profile #4301
Comments
Any updates? |
None from my end. I managed to get around this in a bit of a painful way - I used the sdk to sts.assumeRole() from the SSO based profile, then took the temporary credentials returned and wrote those to a new profile in ~/.aws/config. If only there was a way for this to be handled automatically ;) |
So I was actually able to work around this for now using This is the setup in
Then, when working with my node app, I set The |
I just ran into this as well. From what I can gather, the current SSO code ( Here is the relevant
In my testing I would be dropped into the following error block, as there are no } else {
if (!profile.sso_start_url || !profile.sso_account_id || !profile.sso_region || !profile.sso_role_name) {
throw AWS.util.error(
new Error('Profile ' + this.profile + ' does not have valid SSO credentials. Required parameters "sso_account_id", "sso_region", ' +
'"sso_role_name", "sso_start_url". Reference: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html'),
{ code: self.errorCode }
);
}
} This does work with $ aws --profile sandbox sts get-caller-identity | jq -r '.UserId[0:6]'
AROAY7 |
Hi there, Thank you for bringing this to our attention through your internal ticket. I have assigned it to our development queue. All the best, |
Describe the bug
I have a somewhat complex IAM assume-role configuration that should work using the SDK and does work using the CLI.
Expected Behavior
THE ONLY AWS_ ENVIRONMENT VARIABLE SET IS AWS_SDK_LOAD_CONFIG=1
gvessey@lap-gvessey ➤ env | grep AWS AWS_SDK_LOAD_CONFIG=1
This works great:
Therefore, using the AWS SDK, the following should work as well:
Current Behavior
CLI OUTPUT (working):
SDK OUTPUT (issues):
Reproduction Steps
role_arn
set to the IAM role you want to use the SSO profile to assumeexport AWS_SDK_LOAD_CONFIG=1
Possible Solution
No response
Additional Information/Context
No response
SDK version used
2.1276.0
Environment details (OS name and version, etc.)
MacOS Catalina 10.15.6, AWS CLI 2.6.2, Node 16.17.1
The text was updated successfully, but these errors were encountered: