search

aws / aws-cdk

The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
https://aws.amazon.com/cdk
Apache License 2.0
11.57k stars 3.87k forks source link

SSM Parameter lookup gives "Not making progress trying to resolve environmental context. Giving up." error #30078

Open AvivSamet-Silk opened 5 months ago

AvivSamet-Silk commented 5 months ago

Describe the bug

When running npx cdk synth I get the following error: image

(This stacktrace is produced in verbose mode, in regular mode you get a less descriptive error).

Following the stacktrace, it looks like this happens when I try to look up an SSM string parameter.

Expected Behavior

This CDK produces a valid cloudformation template that is being deployed by my github actions. For some reason this just isn't working on my local machine.

Current Behavior

image

Reproduction Steps

This is the code that produces the issue, however I wasn't able to reproduce it outside of my local machine (it works fine on GHA and my coworker's machine):

 vpc: ec2.IVpc;

  constructor(scope: Construct) {
    const vpcIdParameter = ssm.StringParameter.valueFromLookup(
      scope,
      "vpc/parameter/path"
    );

    const vpc = ec2.Vpc.fromLookup(
      scope,
      "SilkVpc",
      { vpcId: vpcIdParameter }
    );

    this.vpc = vpc;
  }

Possible Solution

No response

Additional Information/Context

No response

CDK CLI Version

2.9.0

Framework Version

No response

Node.js Version

20.3.1

OS

macOS 14.4.1

Language

TypeScript

Language Version

No response

Other information

No response

khushail commented 5 months ago

Hi @AvivSamet-Silk , thanks for reaching out.

From the error it looks like, the user profile calling the api is not configured on your local machine. You can run this - aws sts get-caller-identity in console to see which user profile is configured.

You could create a user in AWS Console and then generate access and security key and configure the credentials in ~/.aws/config file with this new user . Run cdk bootstrap and run cdk deploy --profile <user-profile>. it should work fine. Here is a doc for reference on how to configure aws cli.

Also when running the code, you could also mention environment parameters like this -

env: { account: '123456789012', region: 'us-east-1' },

Please feel free to reach out if that does not solve the issue.

AvivSamet-Silk commented 5 months ago

I am using aws sso login to get my local credentials. Running aws sts get-caller-identity returns a role with SystemAdministrator privileges. Running cdk bootstrap --verbose Also results in the following error: image

AvivSamet-Silk commented 5 months ago

This works if I export AWS creds locally, but having creds in ~/.aws/config or ~/.aws/credentials does not work