Closed sirfan123 closed 2 months ago
This error indicates an issue while exchanging the token from the Identity Provider with IAM Identity Center application. Some sources of error:
Went through these steps, error is now
AccessDeniedException: An error occurred (AccessDeniedException):
with no information on what permissions are missing, deploying cloud formation works with no issues, issue is if I try running this locally on my machine utilizing cli.
Found the issue, in my case I have the cloud formation deployed but also I wanted to clone and try running this locally for testing and further enchantment. I was running this with my local cli credentials. By assuming the EC2 service role, createTokenWithIAM call now works.
Getting
AccessDeniedException: An error occurred (AccessDeniedException) when calling the CreateTokenWithIAM operation: 2024-07-26 12:34:03.872 Uncaught app exception Traceback (most recent call last): File "C:\directory\script_runner.py", line 600, in _run_script exec(code, module.dict) File "C:directory\app.py", line 48, in
st.session_state["idc_jwt_token"] = utils.get_iam_oidc_token(st.session_state.token["id_token"])
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\directory\utils.py", line 102, in get_iam_oidc_token
response = client.create_token_with_iam(
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\directory\client.py", line 565, in _api_call
return self._make_api_call(operation_name, kwargs)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "C:\directory\client.py", line 1021, in _make_api_call
raise error_class(parsed_response, operation_name)
botocore.errorfactory.AccessDeniedException: An error occurred (AccessDeniedException) when calling the CreateTokenWithIAM operation:
Trying to run this locally, do not require assignments is enabled. Perhaps something to do with my cli creds being used when I run locally?