Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

AWS SSO Exception

See original GitHub issue

when pointing sleet to a profile with AWS SSO credentials sleet responds with

[System.InvalidOperationException] Assembly AWSSDK.SSOOIDC could not be found or loaded. This assembly must be available at runtime to use Amazon.Runtime.SSOAWSCredentials, AWSSDK.Core, Version=3.3.0.0, Culture=neutral, PublicKeyToken=885c28607f98e604.

for reference, my sleet.json uses "profileName": "aws-dev" and a corresponding entry is in my ~/.aws/config :

[profile aws-dev]
sso_start_url = ...
sso_region = ...
sso_account_id = ...
sso_role_name = ...
region = ...
output = json

I’m getting new credentials with aws sso login --profile aws-dev before, so everything seems to be setup correctly on my side.

Looks like sleet might just need to update it’s dependency on the aws core sdk libraries?

Issue Analytics

  • State:open
  • Created 6 months ago
  • Reactions:1
  • Comments:6 (3 by maintainers)

github_iconTop GitHub Comments

1reaction
huttermcommented, Apr 3, 2023

Can confirm, it works! Thanks a lot!

heads up for anyone that comes across this: I initially hit this ArgumentNullException: Parameter name: Options property cannot be empty: ClientName simitlar to https://github.com/aws/aws-sdk-net/issues/1821

I worked through that thread and as it turns out my AWS CLI needed an update as well. After that it worked flawlessly when previously logging in with aws sso login --profile ...

0reactions
huttermcommented, Apr 4, 2023

@emgarten Just to explain to you quickly what was throwing there. I went through your code to see what was happening.

First finding: your additions here: https://github.com/emgarten/Sleet/pull/170/files#diff-c5ea30c889009ba11fba4fe02f94c6094f2a031e07b079f92e5c1198f07c3e16R182 are actually not being hit! the SSO Credentials are correctly gotten from line 177 already.

Second:

                            if (credFile.TryGetProfile(profileName, out var profile))
                            {
                                // Successfully created the credentials using the profile
                                var awsCredentials = profile.GetAWSCredentials(profileSource: null);
                                ((SSOAWSCredentials)awsCredentials).Options.ClientName = "SSO";
                                ((SSOAWSCredentials)awsCredentials).Options.SsoVerificationCallback = ssoArgs =>
                                    System.Diagnostics.Process.Start(new System.Diagnostics.ProcessStartInfo()
                                    {
                                        FileName = ssoArgs.VerificationUriComplete, UseShellExecute = true
                                    });
                                amazonS3Client = new AmazonS3Client(awsCredentials, config);
                            }

with this code in place, you will actually handle timed out credentials. You probably would need some considerations to not get a CastException if you have other credentials and I’m not sure if you can start a process form every context where Sleet would run, but that code at least opens the browser for me and does the SSO verification and gets a new token. Without that code, if that ClientName and SsoVerificationCallback is missing, that’s when you get the ArgumentNullException I talked about here.

Read more comments on GitHub >

github_iconTop Results From Across the Web

Common Errors - AWS IAM Identity Center (successor to ...
The AWS access key ID needs a subscription for the service. HTTP Status Code: 403. RequestAbortedException. Convenient exception that can be used when...
Read more >
Class Aws\SSO\Exception\SSOException
Indicates that the request is not authorized. This can happen due to an invalid access token in the request. Members. message. Type: string....
Read more >
Class Aws\SSOAdmin\Exception\SSOAdminException
Represents an error interacting with the AWS Single Sign-On Admin service. Methods Summary. Methods inherited from Aws\Exception\AwsException.
Read more >
Troubleshooting IAM Identity Center issues
This error may occur for multiple reasons, but one common reason is a mis-match between the user information carried in the SAML request,...
Read more >
Exception: Aws::SSO::Errors::UnauthorizedException
Exception : Aws::SSO::Errors::UnauthorizedException · Instance Attribute Summary · Method Summary · Constructor Details.
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Not working

Next page

I would like to configure Sleet to use Minio as a local S3 compliant object store