AWS Profile flag doesn't work

[InAnimaTe]

Sops 3.2.0 on OS X installed with Brew.

sops -d test-env.secret.sops.yml --aws-profile production
Failed to get the data key required to decrypt the SOPS file.

Group 0: FAILED
  arn:aws:kms:us-east-1:426575684472:key/b09749f5-2a39-4ac6-af5e-da9ca8c06194: FAILED
    - | Error decrypting key: AccessDeniedException: The ciphertext
      | refers to a customer master key that does not exist, does
      | not exist in this region, or you are not allowed to access.
      |     status code: 400, request id:
      | cdf0ce06-d30e-7451-84d8-584d4052b716

Recovery failed because no master key was able to decrypt the file. In
order for SOPS to recover the file, at least one key has to be successful,
but none were.

However, export AWS_PROFILE=production works just fine.

ID's and uuids filtered.

[autrilla]

AWS profile support has not been released yet. You can install from master with go get if you really want it. I'm not sure when a new release will be cut. Probably when #435 lands.

[geljo]

It still isnt working in SOPS 3.3.0 (latest). Installed via HomeBrew on OSX.

The workaround with setting the AWS_PROFILE manually, is working.

[vranystepan]

I can confirm it's (most likely) not OS-specific issue. Linux amd64 exhibits the same behavior.

[salmanb]

Doesn't seem to work in 3.4.0

[pshanoop]

Doesn't seem to work in 3.4.0 It doesn't work on 3.5.0 too. Setting AWS_PROFILE seem to be working, Temporary workaround. :'(

[GallagherSam]

Just a note.

Setting AWS_PROFILE will only work if you are using a ~/.aws/credentials file as well. It will NOT work with environment variable credentials. See the issue above ^^

[dsalaza4]

Are there any news regarding this bug?

[autrilla]

No. We welcome contributions that fix it though.

[act-mreeves]

I can confirm this is still an issue as of version 3.7.3 even though https://github.com/mozilla/sops/pull/435 was merged.