New AWS SSO config format

thomasmichaelwallace / serverless-better-credentials

Better AWS credentials resolution plugin for serverless

MIT License

54 stars 9 forks source link

New AWS SSO config format #18

Closed aldebout closed 12 months ago

aldebout commented 1 year ago

Describe the bug This plugin is not compatible with the new default AWS SSO sessions format

To Reproduce Steps to reproduce the behavior:

Define a new sso session profile with aws configure sso
Try to deploy a serverless stack with this plugin and the new profile
The plugin will try to use the default profile.

Expected behavior The plugin loads the right profile.

Desktop (please complete the following information):

OS: MacOS
Version v1.1.2
Serverless Version 3.26.0

thomasmichaelwallace commented 1 year ago

Hi -

Thanks for reporting this (and sorry for the slow response!).

Annoyingly it's a bug I'm aware of. Although in this case (unlike #9), it is something that has some support in newer versions of v2 of the aws-sdk (i.e. doesn't require a re-write to v3).

I'll see what I can do!

aldebout commented 1 year ago

No worries!

The workaround if anyone is wondering: when running aws configure sso, just press Enter without writing anything for the first prompt (SSO session name (Recommended):).

dk-charter commented 1 year ago

@aldebout Unfortunately that didn't work for me.

Later: Worked, but I needed to remove all reference to my previously created profile and include export AWS_SDK_LOAD_CONFIG=1

herebebogans commented 1 year ago

@aldebout your tip is just reverting to legacy configuration mode

vicary commented 12 months ago

@aldebout When I have already created a named session, running aws configure sso again defaults to that name instead.

My understanding is that you try to create a default session similar to [profile default], I want to try that but I have never seen how a default session looks like in ~/.aws/config.

Is it called [sso-session default], or is it something else?

thomasmichaelwallace commented 12 months ago

This may be addressed in v1.2.1 - feel free to re-open if not.

vicary commented 11 months ago

@thomasmichaelwallace There is a small issue when using Serverless Compose. When multiple services try to open up browser window for SSO authentication, only one would actually open.

Running this again would actually fix it because it reuses the now active sso session, but this bug renders CI/CD impossible.

obataku commented 7 months ago

@thomasmichaelwallace using sso-session + sso_session still does not work with 2.0.0 (AWS provider credentials not found.); reverting to the legacy SSO config format resolves things