Giters

99designs / aws-vault

A vault for securely storing and accessing AWS credentials in development environments

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Infinite loop caused by `source_profile` not detected

AndyTitu opened this issue · comments

commented
  • I am using the latest release of AWS Vault
  • I have provided my .aws/config (redacted if necessary)
  • I have provided the debug output using aws-vault --debug (redacted if necessary)

Summary

My aws/config is something like:

[default]
output=json
region=us-east-1

[profile andy]
source_profile=prod
role_arn=arn:aws:iam::123456789012:role/testRole
mfa_serial=arn:aws:iam::123456789012:mfa/andi

[profile prod]
source_profile=dev
role_arn=arn:aws:iam::123456789012:role/testRole2

[profile dev]
source_profile=andy
role_arn=arn:aws:iam::123456789012:role/testRole1

I am introducing an endless loop by mistake because I'm cross referencing profiles andy and prod.

Expected

An error when parsing this profile's config, like the AWS cli has:

Infinite loop in credential configuration detected. Attempting to load from profile andy which has already been visited. Visited profiles: ['andy', 'prod', `dev`]

Actual

Command halts forever

➜  aws-vault exec andy -- aws sts get-caller-identity

^C