cli: does not support SSO authentication
See original GitHub issueI am following the blog post here.
When issuing the command :
cdk bootstrap aws://<account>/<region> --profile my-profile
I get a KeyError: 'CDK_DEFAULT_ACCOUNT'
in my app.py
In order to try to understand the error I also ran :
cdk synth --trace --verbose --profile my-profile
and I see :
Setting "CDK_DEFAULT_REGION" environment variable to eu-west-1
Resolving default credentials
Unable to determine the default AWS account: ProcessCredentialsProviderFailure: Profile my-profile did not include credential process
at ProcessCredentials.load (C:\Users\XXX\AppData\Roaming\npm\node_modules\aws-cdk\node_modules\aws-sdk\lib\credentials\process_credentials.js:102:11)
at ProcessCredentials.coalesceRefresh (C:\Users\XXX\AppData\Roaming\npm\node_modules\aws-cdk\node_modules\aws-sdk\lib\credentials.js:205:12)
at ProcessCredentials.refresh (C:\Users\DAA426\XXX\Roaming\npm\node_modules\aws-cdk\node_modules\aws-sdk\lib\credentials\process_credentials.js:163:10)
at ProcessCredentials.get (C:\Users\DAA426\XXX\Roaming\npm\node_modules\aws-cdk\node_modules\aws-sdk\lib\credentials.js:122:12)
at resolveNext (C:\Users\DAA426\XXX\Roaming\npm\node_modules\aws-cdk\node_modules\aws-sdk\lib\credentials\credential_provider_chain.js:125:17)
at C:\Users\XXX\AppData\Roaming\npm\node_modules\aws-cdk\node_modules\aws-sdk\lib\credentials\credential_provider_chain.js:126:13
at C:\Users\XXX\AppData\Roaming\npm\node_modules\aws-cdk\node_modules\aws-sdk\lib\credentials.js:124:23
at C:\Users\XXX\AppData\Roaming\npm\node_modules\aws-cdk\node_modules\aws-sdk\lib\credentials.js:212:15
at processTicksAndRejections (internal/process/task_queues.js:77:11) {
code: 'ProcessCredentialsProviderFailure',
time: 2021-06-25T08:07:47.744Z
The region is correct so somehow the profile is taken into account but not the credentials. Note that the credentials work perfectly fine if I do for example :
aws s3 ls --profile my-profile
Reproduction Steps
Copy the project :
git clone https://github.com/aws-samples/enginframe-aurora-serverless
Create a virtual environment with Python and install the dependencies e.g. using virtualenv and virtualenvwrapper :
mkvirtualenv cdk-test -p path/to/python/3.8/executable
work on cdk-test
pip install -r requirements.txt
finally, run the bootstrap command using your profile (and having performed whatever logging process this requires beforehand)
cdk bootstrap aws://<account>/<region> --profile my-profile
Note:
If you have an error with "can't find python executable"
change "app": "python3 app.py",
in cdk.json to "app": "python app.py",
What did you expect to happen?
The command should work without any issue
What actually happened?
The command throws an error when reading the Python file because it can’t find the account because it can’t find the credentials process.
Environment
- CDK CLI Version : 1.109.0
- Framework Version: ??
- Node.js Version: v14.17.1
- OS : Windows 10
- Language (Version): Python 3.8.3
Other
I am behind a company proxy (Zscaler)
This is 🐛 Bug Report
Issue Analytics
- State:
- Created 2 years ago
- Reactions:13
- Comments:17 (5 by maintainers)
Hmm, looks like this might be a duplicate of #5455
Some more info, if it helps. I’m using my default profile
As you can see, besides the fact that it fails, it retries once every minute for 10 minutes to do so
I’m happy to provide more details if it helps.