session always uses AWS_PROFILE even if profile_name=None is set
See original GitHub issueDescribe the bug I want to create a new credential set for my .aws/credentials file. Sometimes when I run the script to do so, I may already have environment variables set, pointing to the creds I am about to create. However I cannot prevent boto3 from trying to use the AWS_PROFILE. The error says the ${AWS_PROFILE} profile cannot be found. But I don’t want it to use that, that’s why I specified profile_name=None.
Steps to reproduce
export AWS_PROFILE=nonexistent
python3
>>> import boto3
>>> session = boto3.session.Session(profile_name=None,)
Expected behavior I’d expect an “empty” session to be created without a profile. Then I can do
>>> client = session.client('sts')
>>> response = client.assume_role_with_saml(
RoleArn=role_arn,
....etc...
>>> session = boto3.Session(
aws_access_key_id=response['Credentials']['AccessKeyId'],
Debug logs
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/local/lib/python3.8/site-packages/boto3/session.py", line 80, in __init__
self._setup_loader()
File "/usr/local/lib/python3.8/site-packages/boto3/session.py", line 120, in _setup_loader
self._loader = self._session.get_component('data_loader')
File "/usr/local/lib/python3.8/site-packages/botocore/session.py", line 682, in get_component
return self._components.get_component(name)
File "/usr/local/lib/python3.8/site-packages/botocore/session.py", line 919, in get_component
self._components[name] = factory()
File "/usr/local/lib/python3.8/site-packages/botocore/session.py", line 155, in <lambda>
lambda: create_loader(self.get_config_variable('data_path')))
File "/usr/local/lib/python3.8/site-packages/botocore/session.py", line 237, in get_config_variable
return self.get_component('config_store').get_config_variable(
File "/usr/local/lib/python3.8/site-packages/botocore/configprovider.py", line 293, in get_config_variable
return provider.provide()
File "/usr/local/lib/python3.8/site-packages/botocore/configprovider.py", line 390, in provide
value = provider.provide()
File "/usr/local/lib/python3.8/site-packages/botocore/configprovider.py", line 451, in provide
scoped_config = self._session.get_scoped_config()
File "/usr/local/lib/python3.8/site-packages/botocore/session.py", line 337, in get_scoped_config
raise ProfileNotFound(profile=profile_name)
botocore.exceptions.ProfileNotFound: The config profile (nonexistent) could not be found
Issue Analytics
- State:
- Created 3 years ago
- Reactions:4
- Comments:5 (2 by maintainers)
Top Results From Across the Web
Named profiles for the AWS CLI - AWS Command Line Interface
A named profile is a collection of settings and credentials that you can apply to a AWS CLI command. When you specify a...
Read more >How do I set the name of the default profile in AWS CLI?
I have tried aws configure set profile Default to name the default profile as Default by reading the 'set' CLI command, I also...
Read more >You only need to call`aws sso login` once for all your profiles
So when you call aws sts get-caller-identity --profile AcctA-Role1 , it loads the cached SSO token and uses it to retrieve credentials for...
Read more >Understanding and Using PowerShell AWS Profiles
Using a single default profile can be used if you only have a single access key and will always use that. Default profiles...
Read more >AWS Credentials - Serverless Framework
If you do not wish to use Serverless Dashboard, then you need to configure the Serverless ... You can even set up different...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
@swetashre the user has set the AWS_PROFILE already.
IF I don’t set any profile_name in the session then it uses the AWS_PROFILE and fails. If I set profile_name to None then it uses the AWS_PROFILE and fails.
Sorry if my comments were not clear. I meant if you don’t specify any profile name then the default profile will be used. But if there is no default profile, an empty config dictionary will be used to create a session. So yes, you can create an empty session. If you want to create an empty session then don’t set the profile_name parameter at all.
https://boto3.amazonaws.com/v1/documentation/api/latest/guide/session.html
For your second point:
I agree assume_role_with_saml api does not need any credentials but api calls like sts assume_role api need credentials to make initial api call. So in this case
i will get error as i created an empty session without any credentials.
So in your case if you don’t want the session to use any AWS_PROFILE then don’t set the profile_name parameter at all.
I hope it helps and please let me know if you have any concerns.