fedeBollo
commented
5 years ago Same error here...
Closed KarthickEmis closed 4 years ago
fedeBollo
commented
5 years ago Same error here...
eladb
commented
5 years ago Can you share your stack definition code?
qoomon
commented
5 years ago got same error
MichaelHindley
commented
5 years ago Getting same error after upgrading from 1.1.0 to 1.2.0, no other changes, actually cant get cdk deploy to work at all, forcing a revert to 1.1.0.
@eladb is there anything I can provide you with? I get this error even with the simplest of stacks:
import * as logs from "@aws-cdk/aws-logs"
import { RetentionDays } from "@aws-cdk/aws-logs"
import * as cdk from "@aws-cdk/core"
export const logGroupName = 'name'
export default class LogStack extends cdk.Stack {
constructor(scope: cdk.App, id: string, props: cdk.StackProps) {
super(scope, id, props)
new logs.LogGroup(this, 'logGroup', {
logGroupName,
retention: RetentionDays.THREE_MONTHS,
})
}
}Funny thing is this seems to work with cmd.exe in Win10, but not with bash through ConEmu or WSL.
edit again: So for me this is strictly an issue with any non-cmd.exe environment from 1.0.0 onwards. In the first paragraph I had mistakenly assumed this was due to the upgrade path, but there was also the switch from cmd to bash.
eladb
commented
5 years ago What do you mean when you say “the switch from cmd to bash“?
MichaelHindley
commented
5 years ago Executing the command in cmd works, executing it in bash does not work, switching was just for me personally in my Win10 dev environment.
I.E on my Win10 machine, this is not an issue and cdk deploy works but only when using cmd, on my macbook, it does not work at all with either bash or zsh
micgo
commented
5 years ago Having a similar issue. It seems like cdk is looking specifically for a credentials file that I don't use (we use a MFA implementation). Here's the verbose output of my cdk deploy --profile foo command:
CDK toolkit version: 1.2.0 (build 6b763b7)
Command line arguments: {
_: [ 'deploy' ],
'ignore-errors': false,
ignoreErrors: false,
json: false,
j: false,
verbose: true,
v: true,
ec2creds: undefined,
i: undefined,
'version-reporting': undefined,
versionReporting: undefined,
'path-metadata': true,
pathMetadata: true,
'asset-metadata': true,
assetMetadata: true,
staging: true,
ci: false,
profile: 'foo',
'role-arn': undefined,
r: undefined,
roleArn: undefined,
'build-exclude': [],
E: [],
buildExclude: [],
'$0': '/usr/local/bin/cdk'
}
Determining whether we're on an EC2 instance.
Does not look like EC2 instance.
cdk.json: {
"app": "npx ts-node bin/hello-cdk.ts"
}
merged settings: {
versionReporting: true,
pathMetadata: true,
output: 'cdk.out',
app: 'npx ts-node bin/hello-cdk.ts',
context: {},
tags: [],
assetMetadata: true,
staging: true
}
Setting "CDK_DEFAULT_REGION" environment variable to us-west-2
Resolving default credentials
Unable to determine the default AWS account (did you configure "aws configure"?): Error: ENOENT: no such file or directory, open '/Users/micgo/.aws/credentials'
at Object.openSync (fs.js:447:3)
at Object.readFileSync (fs.js:349:35)
at Object.readFileSync (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/util.js:95:26)
at IniLoader.parseFile (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/shared-ini/ini-loader.js:6:47)
at IniLoader.loadFrom (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/shared-ini/ini-loader.js:56:30)
at SharedIniFileCredentials.load (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/credentials/shared_ini_file_credentials.js:104:41)
at SharedIniFileCredentials.coalesceRefresh (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/credentials.js:205:12)
at SharedIniFileCredentials.refresh (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/credentials/shared_ini_file_credentials.js:185:10)
at SharedIniFileCredentials.get (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/credentials.js:122:12)
at resolveNext (/usr/local/lib/node_modules/aws-cdk/node_modules/aws-sdk/lib/credentials/credential_provider_chain.js:125:17) {
errno: -2,
syscall: 'open',
code: 'ENOENT',
path: '/Users/micgo/.aws/credentials'
}
Setting "CDK_DEFAULT_ACCOUNT" environment variable to undefined
context: {
'aws:cdk:enable-path-metadata': true,
'aws:cdk:enable-asset-metadata': true
}
outdir: cdk.out
env: {
CDK_DEFAULT_REGION: 'us-west-2',
CDK_DEFAULT_ACCOUNT: undefined,
CDK_CONTEXT_JSON: '{"aws:cdk:enable-path-metadata":true,"aws:cdk:enable-asset-metadata":true}',
CDK_OUTDIR: 'cdk.out'
}
Reading existing template for stack HelloCdkStack.
Unable to resolve AWS account to use. It must be either configured when you define your CDK or through the environment
Error: Unable to resolve AWS account to use. It must be either configured when you define your CDK or through the environment
at SDK.resolveEnvironment (/usr/local/lib/node_modules/aws-cdk/lib/api/util/sdk.ts:188:13)
at SDK.cloudFormation (/usr/local/lib/node_modules/aws-cdk/lib/api/util/sdk.ts:113:25)
at CloudFormationDeploymentTarget.readCurrentTemplate (/usr/local/lib/node_modules/aws-cdk/lib/api/deployment-target.ts:52:17)
at CdkToolkit.deploy (/usr/local/lib/node_modules/aws-cdk/lib/cdk-toolkit.ts:94:33)
at main (/usr/local/lib/node_modules/aws-cdk/bin/cdk.ts:192:16)
at initCommandLine (/usr/local/lib/node_modules/aws-cdk/bin/cdk.ts:150:9)Hello there, after some retries I resolved the issue insert the AWS keys in the "config" file inside ~/.aws folder, and not inside "credentials" file like the other aws's cli works. It seems the cdk-cli taking info from different files. Copying the credentials inside that, resolved the issue.
jeroneemou
commented
5 years ago I am having the same issue, I have tried:
.aws/config
[profile davros] # also for default
aws_default_region = eu-central-1
region = eu-central-1
aws_access_key_id = ...
aws_secret_access_key = ...
and
.aws/credentials
[davros] # also for default
aws_default_region = eu-central-1
region = eu-central-1
aws_access_key_id = ...
aws_secret_access_key = ...
and
AWS_DEFAULT_REGION=... AWS_SECRET_ACCESS_KEY=... AWS_ACCESS_KEY_ID=... cdk deploy
and
export AWS_DEFAULT_REGION=...
export AWS_SECRET_ACCESS_KEY=...
export AWS_ACCESS_KEY_ID=...
cdk deployand nothing works.
Always result:
CDK toolkit version: 1.3.0 (build bba9914)
Command line arguments: { _: [ 'deploy' ],
'ignore-errors': false,
ignoreErrors: false,
json: false,
j: false,
verbose: true,
v: true,
ec2creds: undefined,
i: undefined,
'version-reporting': undefined,
versionReporting: undefined,
'path-metadata': true,
pathMetadata: true,
'asset-metadata': true,
assetMetadata: true,
staging: true,
ci: false,
profile: 'davros',
'role-arn': undefined,
r: undefined,
roleArn: undefined,
'build-exclude': [],
E: [],
buildExclude: [],
'$0': 'cdk' }
Determining whether we're on an EC2 instance.
Does not look like EC2 instance.
cdk.json: {
"app": "npx ts-node bin/infrastructure.ts"
}
merged settings: { versionReporting: true,
pathMetadata: true,
output: 'cdk.out',
app: 'npx ts-node bin/infrastructure.ts',
context: {},
tags: [],
assetMetadata: true,
staging: true }
Setting "CDK_DEFAULT_REGION" environment variable to eu-central-1
Resolving default credentials
Retrieved account ID 272348052748 from disk cache
Setting "CDK_DEFAULT_ACCOUNT" environment variable to 272348052748
context: { 'aws:cdk:enable-path-metadata': true,
'aws:cdk:enable-asset-metadata': true }
outdir: cdk.out
env: { CDK_DEFAULT_REGION: 'eu-central-1',
CDK_DEFAULT_ACCOUNT: '272348052748',
CDK_CONTEXT_JSON:
'{"aws:cdk:enable-path-metadata":true,"aws:cdk:enable-asset-metadata":true}',
CDK_OUTDIR: 'cdk.out' }
Reading existing template for stack InfrastructureStack.
Need to perform AWS calls for account davros, but no credentials found. Tried: default credentials.
Error: Need to perform AWS calls for account davros, but no credentials found. Tried: default credentials.
at CredentialsCache.getCredentials (/Users/davros/.nvm/versions/node/v10.16.1/lib/node_modules/aws-cdk/lib/api/util/sdk.ts:261:11)
at process._tickCallback (internal/process/next_tick.js:68:7)And normal aws commands or even npx aws work flawlessly.
daviddeejjames
commented
5 years ago Experienced this issue also as @fedeBollo mentioned, however if you have another method of providing the required variables aka (export AWS_DEFAULT_REGION, AWS_SECRET_ACCESS_KEY, AWS_ACCESS_KEY_ID) it seems that this ~/.aws/credentials file needs to exist! Even as an empty file, the CDK CLI will not create it for you
stknohg
commented
5 years ago I had same problem, but it solved by making empty ~/.aws/credentials file as @daviddeejjames says.
Thanks @daviddeejjames!
ashishgore
commented
5 years ago I had similar issue, and removing [profile default] from ~/.aws/config solved the issue! I had both [default] and [profile default]. Please see https://github.com/aws/aws-cdk/issues/1656
shivlaks
commented
4 years ago I think this issue thread should be consolidated into #1656 provided that some of the workarounds and guidance is covered there.
Thoughts @NGL321 ?
shivlaks
commented
4 years ago resolving this issue in favour of #1656 - further details should be added to the master thread
yujiny97
commented
3 years ago in my case, cdk diff gave me same error.
so I just followed this instructions from https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html
$ export AWS_ACCESS_KEY_ID=AKIAIOSFODTHISISNOTMYKEYID
$ export AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/EXAMPLEACCESSKEY
$ export AWS_DEFAULT_REGION=us-west-2
cvilla87
commented
3 years ago In my case it had nothing to do with AWS configuration, I tried almost all that and nothing worked.
When I added the -v (verbose) parameter to cdk command, I was able to get more details about the error:
Unable to determine the default AWS account: TypeError [ERR_INVALID_PROTOCOL]: Protocol "https:" not supported. Expected "http:"
I tried different versions of CDK and nothing, still the same error. After many tries I ended up with the root cause: node version. With v15.2.1 I got that error, but after downgrading to v14.15.1 the issue was solved.
MarkkuMyllarinen
commented
3 years ago If nothing helps try to sync your OS time. Helped me!
JohnnyClutch
commented
3 years ago For me, I'd copied my AWS_SECRET_ACCESS_KEY incorrectly. The --verbose option helped my diagnose it.
Yogesh-4091
commented
1 year ago Building assets failed: Error: Building Assets Failed: Error: Unable to resolve AWS account to use. It must be either configred when you define your CDK Stack, or through the environment, I spent 2 hours on it until I found out I have to login again.
aws sso login --profile xxxxxx Now it works.
Valengou
commented
7 months ago For me, I'd copied my AWS_SECRET_ACCESS_KEY incorrectly. The --verbose option helped my diagnose it.
I used verbose also and I noticed there was something wrong with my clock: Chatgpt helped me with this: The error message SignatureDoesNotMatch: Signature expired typically indicates that the time on your machine is not synchronized with the current time12. This can happen if you’re in a virtual machine and the host’s OS time does not match the guest’s OS time3.
AWS signatures include a timestamp and are only valid for a short period of time after they are created1. If the time on your machine is incorrect, the AWS service might consider the signature to be expired1.
Here are a few potential solutions:
Check the time on your machine: Make sure the time on your machine is correct. If you’re using Linux or WSL, you can run sudo hwclock -s to synchronize the hardware clock with the current system time2.
Error: Unable to resolve AWS account to use. It must be either configured when you define your CDK or through the environment
cmd used : cdk deploy --profile