search

aws / aws-toolkit-jetbrains

AWS Toolkit for JetBrains - a plugin for interacting with AWS from JetBrains IDEs
https://plugins.jetbrains.com/plugin/11349-aws-toolkit
Apache License 2.0
730 stars 196 forks source link

WARN - software.aws.toolkits.jetbrains.core.credentials.AwsConnectionManager - Failed to switch to profile 'Profile:gm-sandbox' #4498

Open jkhalaf-gm opened 1 month ago

jkhalaf-gm commented 1 month ago

Describe the bug

My ~/.aws/config looks like this:

[profile default]
region = eu-west-2
output = json
sso_start_url = https://<some-name>.awsapps.com/start#/
sso_region = eu-west-1
sso_account_id = <some-number>
sso_role_name = ABSandboxAccess

[profile ab-dev]
region = eu-west-2
output = json
sso_start_url = https://<some-name>.awsapps.com/start#/
sso_region = eu-west-1
sso_account_id = <some-number>
sso_role_name = ABCoreServicesDevAccess

[profile ab-test]
region = eu-west-2
output = json
sso_start_url = https://<some-name>.awsapps.com/start#/
sso_region = eu-west-1
sso_account_id = <some-number>
sso_role_name = ABCoreServicesTestAccess

[profile ab-prod]
region = eu-west-2
output = json
sso_start_url = https://<some-name>.awsapps.com/start#/
sso_region = eu-west-1
sso_account_id = <some-number>
sso_role_name = ABBankingSupportAccess

[profile dc-dev]
sso_start_url = https://<some-name>.awsapps.com/start/
sso_region = us-east-1
sso_account_id = <some-number>
sso_role_name = AdministratorAccess
region = eu-west-2
output = json
cli_pager =

[profile dc-test]
sso_start_url = https://<some-name>.awsapps.com/start/
sso_region = us-east-1
sso_account_id = <some-number>
sso_role_name = AdministratorAccess
region = eu-west-2
output = json
cli_pager =

[profile dc-qa]
sso_start_url = https://<some-name>.awsapps.com/start/
sso_region = us-east-1
sso_account_id = <some-number>
sso_role_name = AdministratorAccess
region = eu-west-2
output = json
cli_pager =

[profile dc-prod]
sso_start_url = https://<some-name>.awsapps.com/start/
sso_region = us-east-1
sso_account_id = <some-number>
sso_role_name = AdministratorAccess
region = eu-west-2
output = json
cli_pager =

[profile gm-sandbox]
sso_session = gm-sso
sso_account_id = <some-number>
sso_role_name = administrator_access
region = eu-west-2
output = json

[sso-session gm-sso]
sso_start_url = https://<some-name>.awsapps.com/start
sso_region = eu-west-2
sso_registration_scopes = sso:account:access

To reproduce

I open JetBrains Rider, and authenticate here:

image

A browser opens, I authenticate, then it tells me to close the browser.

When I debug my solution, I get the following error:

System.ArgumentNullException: Value cannot be null. (Parameter 'Options property cannot be empty: ClientName')
   at Amazon.Runtime.Credentials.Internal.SSOTokenManager.GenerateNewTokenAsync(SSOTokenManagerGetTokenOptions options, CancellationToken cancellationToken)
   at Amazon.Runtime.Credentials.Internal.SSOTokenManager.GetTokenAsync(SSOTokenManagerGetTokenOptions options, CancellationToken cancellationToken)
   at Amazon.Runtime.SSOAWSCredentials.GetSsoCredentialsAsync(ICoreAmazonSSO sso)
   at Amazon.Runtime.SSOAWSCredentials.GenerateNewCredentialsAsync()
   at Amazon.Runtime.RefreshingAWSCredentials.GetCredentialsAsync()
   at Amazon.Runtime.Internal.CredentialsRetriever.InvokeAsync[T](IExecutionContext executionContext)
   at Amazon.Runtime.Internal.RetryHandler.InvokeAsync[T](IExecutionContext executionContext)
   at Amazon.Runtime.Internal.RetryHandler.InvokeAsync[T](IExecutionContext executionContext)
   at Amazon.Runtime.Internal.CallbackHandler.InvokeAsync[T](IExecutionContext executionContext)
   at Amazon.Runtime.Internal.CallbackHandler.InvokeAsync[T](IExecutionContext executionContext)
   at Amazon.Runtime.Internal.ErrorCallbackHandler.InvokeAsync[T](IExecutionContext executionContext)
   at Amazon.Runtime.Internal.MetricsHandler.InvokeAsync[T](IExecutionContext executionContext)
   at Core.Features.Login.LoginHandler.Handle(LoginCommand request, CancellationToken cancellationToken) in /home/j/code/gm/app/Core/Features/Login/LoginController.cs:line 111

Google tells me that error is due to AWS Config not loading.

When I view the logs for Rider, I see:

56773-2024-05-21 21:04:31,013 [  17046]   INFO - migration.software.aws.toolkits.jetbrains.core.credentials.ToolkitAuthManager - Token provider NOT_AUTHENTICATED, requesting login
56774-2024-05-21 21:04:31,017 [  17050]   WARN - software.aws.toolkits.jetbrains.core.credentials.pinning.CodeCatalystConnection - Rejecting sso-session:gm-sso since it's missing a required scope
56775-2024-05-21 21:04:31,017 [  17050]   WARN - software.aws.toolkits.jetbrains.core.credentials.pinning.CodeCatalystConnection - Rejecting AwsConnectionManagerConnection since it's not a bearer connection
56776:2024-05-21 21:04:31,021 [  17054]   WARN - software.aws.toolkits.jetbrains.core.credentials.AwsConnectionManager - Failed to switch to profile 'Profile:gm-sandbox'
56777-java.util.concurrent.ExecutionException: software.aws.toolkits.jetbrains.core.credentials.sso.bearer.NoTokenInitializedException: Token refresh started before session initialized

Expected behavior

I expect the AWS config to load and things to work.

Your Environment

Additional context

When I run my solution in the terminal, things work fine:

export AWS_PROFILE="gm-sandbox";
aws sso login --profile gm-sandbox
dotnet run -lp https --project Core
chriseqipe commented 1 month ago

I'v seen exactly the same.