AttributeError: 'NoneType' object has no attribute 'strftime'

BrianMusson commented 3 years ago

Installed through brew:

$ awsume --version
4.4.1

$ sw_vers
ProductName:     Mac OS X
ProductVersion: 10.15.6
BuildVersion:   19G71a

$ awsume test-development
[test-development] Role credentials will expire 2020-08-14 09:44:05

$ awsume test-development -a
[test-development] Role credentials will expire 2020-08-14 09:44:17
Traceback (most recent call last):
  File "/usr/local/bin/awsumepy", line 12, in <module>
    sys.exit(main())
  File "/usr/local/Cellar/awsume/4.4.1_1/libexec/lib/python3.8/site-packages/awsume/awsumepy/main.py", line 29, in main
    run_awsume(sys.argv[1:])
  File "/usr/local/Cellar/awsume/4.4.1_1/libexec/lib/python3.8/site-packages/awsume/awsumepy/main.py", line 17, in run_awsume
    awsume.run(argument_list)
  File "/usr/local/Cellar/awsume/4.4.1_1/libexec/lib/python3.8/site-packages/awsume/awsumepy/app.py", line 263, in run
    credentials = self.get_credentials(args, profiles)
  File "/usr/local/Cellar/awsume/4.4.1_1/libexec/lib/python3.8/site-packages/awsume/awsumepy/app.py", line 205, in get_credentials
    create_autoawsume_profile(self.config, args, profiles, credentials)
  File "/usr/local/Cellar/awsume/4.4.1_1/libexec/lib/python3.8/site-packages/awsume/awsumepy/lib/autoawsume.py", line 19, in create_autoawsume_profile
    profile['source_expiration'] = role_session.get('SourceExpiration').strftime('%Y-%m-%d %H:%M:%S')
AttributeError: 'NoneType' object has no attribute 'strftime'

$ cat /usr/local/Cellar/awsume/4.4.1_1/libexec/lib/python3.8/site-packages/awsume/awsumepy/lib/autoawsume.py
import argparse

from . import aws_files as aws_files_lib
from . import profile as profile_lib
from . import safe_print
from . logger import logger
from . import exceptions

def create_autoawsume_profile(config: dict, arguments: argparse.Namespace, profiles: dict, role_session: dict):
    logger.info('Creating autoawsume profile')
    _, credentials_file = aws_files_lib.get_aws_files(arguments, config)
    autoawsume_profile_name = arguments.output_profile or 'autoawsume-{}'.format(arguments.target_profile_name)
    if not profile_lib.is_mutable_profile(profiles, autoawsume_profile_name):
        raise exceptions.ImmutableProfileError(autoawsume_profile_name, 'not awsume-managed')
    profile = profile_lib.credentials_to_profile(role_session)
    profile['autoawsume'] = 'true'
    profile['expiration'] = role_session.get('Expiration').strftime('%Y-%m-%d %H:%M:%S')
    profile['source_expiration'] = role_session.get('SourceExpiration').strftime('%Y-%m-%d %H:%M:%S')
    profile['awsumepy_command'] = ' '.join(arguments.system_arguments)
    aws_files_lib.add_section(autoawsume_profile_name, profile, credentials_file, True)

mbarneyjr commented 3 years ago

The brew method of installation is not the officially supported method of installing awsume. We recommend the use of pipx to install awsume

I'm not sure if that is the cause of the problem you're experiencing, so if trying to install with pipx doesn't resolve the issue, can you provide me more detail on how your config and credentials files are configured (redacting any secrets or account IDs of course)

chkp-amirtal commented 3 years ago

still having this issue after installing using pipx (after doing brew uninstall awsume)

config:

[default]
region = eu-west-1
output = json

[profile dev]
region = eu-west-1
source_profile = my-sandbox-XXXXXXXXXXXX-userATdomain.com
role_arn = arn:aws:sts::XXXXXXXXXXXX:role/admin

credentials:

[my-sandbox-XXXXXXXXXXXX-userATdomain.com]
aws_access_key_id = XXXXXXXXXXXX
aws_secret_access_key = XXXXXXXXXXXXXXXXXXXXXXXX
region=us-east-1
output=json

❯ awsume --version
4.4.1

❯ sw_vers
ProductName: Mac OS X
ProductVersion: 10.15.4
BuildVersion:   19E287

❯ awsume dev
[cinfradevprd] Role credentials will expire 2020-08-21 22:51:16

❯ awsume dev -a
[cinfradevprd] Role credentials will expire 2020-08-21 22:51:20
Traceback (most recent call last):
  File "/Users/amirtal/Library/Python/3.7/bin/awsumepy", line 8, in <module>
    sys.exit(main())
  File "/Users/amirtal/Library/Python/3.7/lib/python/site-packages/awsume/awsumepy/main.py", line 29, in main
    run_awsume(sys.argv[1:])
  File "/Users/amirtal/Library/Python/3.7/lib/python/site-packages/awsume/awsumepy/main.py", line 17, in run_awsume
    awsume.run(argument_list)
  File "/Users/amirtal/Library/Python/3.7/lib/python/site-packages/awsume/awsumepy/app.py", line 263, in run
    credentials = self.get_credentials(args, profiles)
  File "/Users/amirtal/Library/Python/3.7/lib/python/site-packages/awsume/awsumepy/app.py", line 205, in get_credentials
    create_autoawsume_profile(self.config, args, profiles, credentials)
  File "/Users/amirtal/Library/Python/3.7/lib/python/site-packages/awsume/awsumepy/lib/autoawsume.py", line 19, in create_autoawsume_profile
    profile['source_expiration'] = role_session.get('SourceExpiration').strftime('%Y-%m-%d %H:%M:%S')
AttributeError: 'NoneType' object has no attribute 'strftime'

mbarneyjr commented 3 years ago

This problem stemmed from the fact that the source profile (the my-sandbox profile) didn't have an expiration and didn't require MFA. This should be fixed in 4.5.0a4. Let us know if you have any other issues!

mbarneyjr commented 3 years ago

4.5.0 has been released

awinecki commented 3 years ago

I think I've bumped into the same issue.

 awsume myprofile -a

outputs:

Traceback (most recent call last):
  File "/Users/awinecki/.local/bin/awsumepy", line 8, in <module>
    sys.exit(main())
  File "/Users/awinecki/.local/pipx/venvs/awsume/lib/python3.9/site-packages/awsume/awsumepy/main.py", line 29, in main
    run_awsume(sys.argv[1:])
  File "/Users/awinecki/.local/pipx/venvs/awsume/lib/python3.9/site-packages/awsume/awsumepy/main.py", line 17, in run_awsume
    awsume.run(argument_list)
  File "/Users/awinecki/.local/pipx/venvs/awsume/lib/python3.9/site-packages/awsume/awsumepy/app.py", line 263, in run
    credentials = self.get_credentials(args, profiles)
  File "/Users/awinecki/.local/pipx/venvs/awsume/lib/python3.9/site-packages/awsume/awsumepy/app.py", line 205, in get_credentials
    create_autoawsume_profile(self.config, args, profiles, credentials)
  File "/Users/awinecki/.local/pipx/venvs/awsume/lib/python3.9/site-packages/awsume/awsumepy/lib/autoawsume.py", line 18, in create_autoawsume_profile
    profile['expiration'] = role_session.get('Expiration').strftime('%Y-%m-%d %H:%M:%S')
AttributeError: 'NoneType' object has no attribute 'strftime'

awsume -v
> 4.5.0

Python 3.9.2.

fish, version 3.1.2

installed awsume using pipx install awsume, using pipx, version 0.16.1.0

My ~/.aws/credentials:

[myprofile]
aws_access_key_id=***
aws_secret_access_key=***
aws_session_token=IQ***********Qo

I've noticed @amirtal-cp had this bit in the error output: role_session.get('SourceExpiration'), whereas I have role_session.get('Expiration'). Not sure what this means, though.

My context: I have a multi-AWS setup managed by ControlTower, with SSO sign on. When I log into the start SSO log in screen, I can grab credentials for my user for a specific permission set. However, these credentials are short lived. In my case, configured to 1 hour. I know it can be increased to 4 or 12 hours.

What I'd like to achieve is to just have the account configured somewhat more permanently, not having to get these credentials every couple hours or every day. I thought this could be achieved with autoawsume.

trek10inc / awsume

AttributeError: 'NoneType' object has no attribute 'strftime' #118