Closed michaelconnor00 closed 3 years ago
Have you tried running in verbose mode to see if the output matches your credentials?
Here is a verbose output.
➜ gsts --aws-role-arn arn:aws:iam::<account_id>:role/aws-reserved/sso.amazonaws.com/AdministratorAccess --sp-id <sp_id> --idp-id <idp_id> --verbose
ℹ Attempting to retrieve session expiration credentials
ℹ Request to "https://us-east-1.signin.aws.amazon.com/platform/saml/acs/<some_id>" has been aborted
Edit: When I run the above command without --verbose
it sits at the spinner Logging in
.
@michaelconnor00 it seems like sso.amazonaws.com uses a different flow to authenticate. Can you tell me which requests are made when? I believe that domain must be whitelisted, or gsts will automatically abort the request.
The awscli v2 had the sso support we needed. I don't think I understood what I needed when I created this issue. I will close it. Thanks.
@michaelconnor00 are you using AWS SSO with Google Workspace?
Yes.
On Mon, 1 Feb 2021 at 16:45, Rui Marinho notifications@github.com wrote:
@michaelconnor00 https://github.com/michaelconnor00 are you using AWS SSO with Google Workspace?
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/ruimarinho/gsts/issues/38#issuecomment-771264300, or unsubscribe https://github.com/notifications/unsubscribe-auth/AB3PPL55HKXOPXRHYNME2OLS45DL5ANCNFSM4UVPBTLA .
I am trying to install this tool using the
credential_process
. I have all the values as per the docs. When I run a test command such asaws sts get-caller-identity
oraws ec2 describe-instances
, I get the following outputExpecting value: line 1 column 1 (char 0)
. I must be missing something.I am a Linux user if it helps.