Open DougManton opened 7 months ago
Hi @DougManton ,
The credentials used by KMS encryption are passed from AWS CLI to the Session Manager plugin. What is the version of AWS CLI you are using? There was a fix done in AWS CLI to correctly pass the credential profile down, and it was released in AWS CLI v2.35.61 and v1.32.116. If you continue to see issues after upgrading to the latest version, please let us know for further investigation.
Regards, Yuting
FWIW just modify the generated output of aws-sso config-profiles
from -S "Default"
to -S Default
.
It solved a similar issue I had with a terraform stack.
It also happens when you use an sso-session
whose name contains whitespaces as the profile's credentials.
I'd really appreciate your help to find the root cause for a problem authenticating sessions when using session-manager-plugin in combination with KMS session encryption and an external credential_process.
Steps to Reproduce
aws ssm start-session --profile myprofile --target mi-1234567890abcd
Workarounds
Thoughts on Problem
\"Default\"
instead of"Default"
, and has no profile named\"Default\"
causing the failure