serverlesspolska
commented
2 years ago Hi @Laurian, thank you for submitting this bug.
Yes, application expects the presence of ~/.aws/credentials file.
Out of curiosity, why you didn't have that file?
Open Laurian opened 2 years ago
serverlesspolska
commented
2 years ago Hi @Laurian, thank you for submitting this bug.
Yes, application expects the presence of ~/.aws/credentials file.
Out of curiosity, why you didn't have that file?
Laurian
commented
2 years ago It kinda happened that way on a newly installed machine, just setup a single account with SSO and got only the config and not the credentials file
serverlesspolska
commented
2 years ago I see that's really uncommon, but can happen that someone has only SSO configuration.
Thanks again for submitting it. I will fix it in the next release :-)
serverlesspolska
commented
2 years ago Better error handling when there is no ~/.aws/credentials file has been added in version 1.15.3
bwhaley
commented
1 year ago I see that this issue is still open so I'll just continue the conversation even though a release supposedly addressed the issue.
I'm using AWS SSO. I have it all set up and working on the CLI with many profiles. I use aws sso login --profile <my-profile> to log in, which opens a browser window from which I can allow the authentication and I'm off to the races.
At no point do I use a .aws/credentials file, nor would I want to as this will store credentials on disk. The aws sso login process adds credentials to AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY.
How can I make this set up work with CloudPouch?
serverlesspolska
commented
1 year ago Hey @bwhaley I started working on this issue.
Indeed, right now CloudPouch expects ~/.aws/credentials and without it crashes.
As a temporary work-around solution you can add ~/.aws/credentials file with a FAKE credentials for default profiles
[default]
aws_access_key_id = FAKE
aws_secret_access_key = FAKE
cli_pager =That will result in the error for this fake default profile obviously :-)
but you would be able to select other profiles which are defined in the ~/.aws/config.
Also, you don't need to execute the command aws sso login --profile <my-profile>. CloudPouch opens a web browser tab for you with an authentication message when you click on an SSO profile.
bwhaley
commented
1 year ago This did the trick for me, thank you!
I do find that when I choose a profile, then select another, I'm asked to authenticate again. With SSO, I should only need to authenticate once. The same credentials should be valid for all the profiles.
peteroruba
commented
8 months ago Same here, using aws-vault to manage my credentials. Created a temporary [default] profile in ~/.aws/credentials file with AWS_REGION, AWS_DEFAUILT_REGION, AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY variables, but still seeing the error that no credentials are found.
serverlesspolska
commented
8 months ago Hey @peteroruba, thanks for trying out CloudPouch.
Have you defined it using lowercase?
As specified in the AWS docs for ~/.aws/credentials.
[default]
aws_access_key_id = AKIAIOSFODNN7EXAMPLE
aws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY@serverlesspolska thanks, that was it. For the record - I also had to add aws_session_token and now I am able to run it
serverlesspolska
commented
8 months ago I'm glad it solved the problem for you 😃
Regarding the aws_session_token, I guess it's because your credentials are temporary, right?
peteroruba
commented
8 months ago Yes, exactly. I wanted to run it with my regular account for a quick evaluation, but for regular use a dedicated IAM user definitely makes more sense.
I had to create an empty
.aws/credentialsto have the app load the profiles defined in.aws/config