Error: Profile dev requires a role to be assumed, but no role assumption callback was provided.
mguilherme opened this issue · comments
Describe the bug
I'm unable to Produce a message to an SQS queue using deno runtime:
Error Error: Profile dev requires a role to be assumed, but no role assumption callback was provided.
at resolveProfileData (mod.ts:152:13)
at mod.ts:118:57
at async SignatureV4.credentialProvider (memoize.ts:72:22)
at async SignatureV4.signRequest (SignatureV4.ts:220:25)
at async middleware.ts:28:18
at async StandardRetryStrategy.retry (defaultStrategy.ts:118:38)
at async send-message.ts:25:16
at async loggerMiddleware.ts:21:20
at async sqs.ts:33:18SDK version number
v3.0.0.0
Details of the deno version
deno 1.6.0
To Reproduce (observed behavior)
import {SendMessageCommand, SendMessageRequest, SQSClient} from "https://deno.land/x/aws_sdk/client-sqs/mod.ts"
const REGION = "eu-central-1";
const client = new SQSClient({region: REGION});
const params: SendMessageRequest = {
// DelaySeconds: 10,
MessageAttributes: {
contentType: {
DataType: "String",
StringValue: "application/json"
},
correlationId: {
DataType: "String",
StringValue: "1"
},
},
MessageBody: JSON.stringify({
field1: "11111",
field2: "11111"
}),
MessageGroupId: "Group1", // Required for FIFO queues
// MessageDeduplicationId: "TheWhistler", // Required for FIFO queues
QueueUrl: "QUEUE_URL"
}
try {
const data = await client.send(new SendMessageCommand(params));
console.log("Success, message sent. MessageID:", data.MessageId);
} catch (err) {
console.log("Error", err);
}Expected behavior
It should send a message and print a success message with a messageId
Additional context
Everything is configured properly, I can send messages using aws cli, python and java without a problem
This is very likely related to your ~/.aws/config and possible environment variables. Could you add the output of:
$ env | grep ^AWS_
And your (sanitized) ~/.aws/config?
This seems to be an issue upstream tracked at aws#1193
Hi,
Thanks for looking at this.
My configuration is fine, I'm using aws-vault to help me with mfa, I'm able to use other SDK for other languages.
and I think all my env are ok:
AWS_VAULT=dev
AWS_DEFAULT_REGION=eu-central-1
AWS_REGION=eu-central-1
AWS_ACCESS_KEY_ID=****************************************
AWS_SECRET_ACCESS_KEY=****************************************
AWS_SESSION_TOKEN==****************************************
AWS_SECURITY_TOKEN==****************************************
AWS_SESSION_EXPIRATION=2021-01-05T10:24:44Z
AWS_PROFILE=devand an example of one of my profiles in ~/.aws/config:
[default]
output = json
region = eu-central-1
[profile dev]
output = json
role_arn = arn:aws:iam::************:role/***/Admin
region = eu-central-1
source_profile = default
mfa_serial = arn:aws:iam::************:mfa/some-email-account@mail.com
cli_pager =Can you try to unset AWS_PROFILE and try again.
Interesting, it seems to work like that but I only see this behavior while using this!
Not sure why there's a problem with the AWS_PROFILE
If AWS_PROFILE is set, aws-sdk-js-v3 is reading your config and hitting the upstream issue I linked above. But since you use aws-vault to parse the config and pass credentials in the environment, you don't need the SDK to do that.
Thanks, I'll give it a look since I cannot change this behavior because I'm using with other sdk / tools
Not sure if there's a way to disable this through some configuration / Options in the SDK
Other than the environment variable AWS_PROFILE, I don't think so. But feel free to ask upstream about a workaround.
Ok, as a workaround I unset AWS_PROFILE using Deno and it seems to be working just fine:
Deno.env.delete("AWS_PROFILE");