Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Assuming the chain role without first assuming the source profile returns an error instead of initiating the login flow #698

Open
shwethaumashanker opened this issue Jul 16, 2024 · 1 comment

Comments

@shwethaumashanker
Copy link
Contributor

shwethaumashanker commented Jul 16, 2024

Assuming the chain role without first assuming the source profile returns an error instead of initiating the login flow:

Config to reproduce:

[profile chain-role]
source_profile = example-source-profile
role_arn       = arn:aws:iam::0123456789012:role/example

[profile example-source-profile]
granted_sso_start_url           = https://example.awsapps.com/start
granted_sso_region              = ap-southeast-2
granted_sso_account_id          = 0123456789012
granted_sso_role_name           = AdministratorAccess
region                          = us-west-2
credential_process              = granted credential-process --profile example-source-profile

If you assume the chain-role without having already assumed example-source-profile or did not go through the SSO auth that day, you will encounter the following error:

[✘] error when retrieving credentials from custom process. please login using 'granted sso login --sso-start-url https://d-example.awsapps.com/start --sso-region ap-southeast-2'
[✘] process provider error: error in credential_process: exit status 1

To do: Alter the behavior so that assuming chain-role will initiate the login flow

@chrnorm
Copy link
Contributor

chrnorm commented Jul 17, 2024

granted settings set --setting=CredentialProcessAutoLogin --value true

may solve this

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants