Open developer202020 opened 2 years ago
Hey @developer202020
Could you provide more information about your setup and/or more of your logs?
Try setting the extension log-level to debug
through the settings item aws.logLevel
:
Make sure to omit any potentially sensitive details. Any information about what type of credentials profile you're using (SSO/MFA/credential_process
/Some combination) would also be very helpful!
Hi JadenSimon,
We use MFA
Step 1 Open AWS Toolkit
Step 2 Select "Connect to AWS..."
Step 3 "Select a credentials profile" (we select NAME4 - see the config below)
Step 4 Enter code for MFA device
Step 5 View logs
config file [default] region = REGION output = text
[profile NAME2] role_arn=arn:aws:iam::YYYYY:role/ROLE_NAME output = text region = REGION s3 = signature_version = s3v4
[profile NAME4] role_arn=arn:aws:iam::YYYYY:role/ROLE_NAME source_profile=NAME2 region = REGION mfa_serial=arn:aws:iam::XXXXXX:mfa/USER_NAME
[profile NAME5] role_arn=arn:aws:iam::YYYYY:role/ROLE_NAME source_profile=NAME2 region = REGION mfa_serial=arn:aws:iam::XXXXXX:mfa/USER_NAME
credentials file [NAME1] aws_access_key_id=XXXXX aws_secret_access_key=XXXXX aws_mfa_device=arn:aws:iam::XXXXX:mfa/USER_NAME
[NAME2] assumed_role=False aws_access_key_id = XXXXX aws_secret_access_key = XXXXX aws_session_token = XXXXX
[default] aws_access_key_id=XXXXX aws_secret_access_key=XXXXX aws_session_token=XXXXX
"Select a credentials profile" (we select NAME4 - see the config below)
Does the NAME4 profile work with other tools, e.g. aws
cli?
aws --profile NAME4 s3 ls
We removed aws_session_token = from the credentials file and run aws --profile NAME4 s3 ls
Are the NAME2
credentials being generated? I only ask because I have not seen assumed_role=False
before. The Socket is closed
message could be due to WSL2 but I'm not sure. Does NAME2
need an MFA code too or just NAME4
?
NAME4 will need an MFA code, yes USER_NAME - IAM user name
When we select NAME2 from the list of profiles (see Step 3 above)
If it doesn't work with aws
cli (which is more forgiving that AWS SDK) then it's very unlikely to work with AWS Toolkit.
I couldn't find any WSL related issues on https://github.com/aws/aws-cli . But it may be worth raising an issue there.
Looks like the exact error code is NetworkingError
. Are you using a proxy? That may cause problems (this seems to be a good reference https://code.visualstudio.com/docs/remote/wsl#_im-behind-a-proxy-and-have-connectivity-issues)
for WSL + VPN + Cisco, see also https://github.com/aws/aws-toolkit-vscode/issues/1327#issuecomment-724120566
Desktop (please complete the following information):
Question
Cannot connect to AWS with AWS Toolkit [ERROR]: login: failed to connect with "profile:PROFILE_NAME": Socket is closed