Open anitiangodfrey opened 3 years ago
jckuester
commented
3 years ago Hi @anitiangodfrey,
are you using a profile as credentials to access AWS or any other mechanism? Maybe it will help when I merge https://github.com/jckuester/awsls/pull/29, as this provides some yet unsupported authentication mechanisms, such as SSO.
anitiangodfrey
commented
3 years ago Hey @jckuester, I'm using a profile but with MFA. My profile only gives me access to run the sts command to get my temp session credentials then I export those temp credentials as environment variables. Would awsls use my profile over my environment variables?
For reference https://docs.aws.amazon.com/cli/latest/reference/sts/get-session-token.html
jckuester
commented
3 years ago Can you try if govcloud works for you with the new release v0.10.0?
Would awsls use my profile over my environment variables?
This could actually be the case. Not sure what the precedence for the AWS CLI is, when both credentials and a profile is set via environment variables (https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-envvars.html)?
anitiangodfrey
commented
3 years ago Looks like that was it. Having my AWS_PROFILE variable set along with the environment variables for my temporary credentials was causing my permission deny error. Unsetting AWS_PROFILE solved the issue, thanks for your help!
gene1wood
commented
2 years ago @jckuester This issue can be closed
Hello, I was wondering if this should work with an account in aws govcloud? I was able to run awsls fine in a commercial account but kept getting access denied errors in govcloud even though I have the correct permissions. I added full admin just to test and got the same error.
For example:
But running just
aws s3 lsreturns a list of my buckets fine.Thanks for your help!