Support AWS_SESSION_TOKEN in ssm.js
jing-emma opened this issue · comments
Per Issue #5 Support AWS_SESSION_TOKEN authentication, Support for AWS_SESSION_TOKEN has been added since 0.5.0.
I have tried to get a parameter from SSM by using ssm getParameter function. await systemsManager.getParameter(testParameterName)
. I got an error saying 'Uncaught (in promise) SystemsManagerServiceError: The security token included in the request is invalid'. We login AWS via SSO. I can do s3.listBuckets(). It is an issue only happened to ssm.
If I read the code correctly, I think the fix could be as simple as adding sessionToken: this.awsConfig.sessionToken
when constructing SignatureV4 on line 39
this.signature = new SignatureV4({
service: this.serviceName,
region: awsConfig.region,
credentials: {
accessKeyId: awsConfig.accessKeyId,
secretAccessKey: awsConfig.secretAccessKey,
sessionToken: this.awsConfig.sessionToken,
},
uriEscapePath: true,
applyChecksum: false,
})
I would appreciate it if you could take a look at this issue. Thanks
oh BTW kms.js does not have sessionToken passed in. I bet it had the same issue.
Good catch @jing-emma 👀 I'll look into it as soon as I have capacity.
If you have the time, we would also appreciate a PR 👍🏻
Hey @jing-emma,
Could you confirm that now that we've merged your pull request, we can close this issue?
Thanks so much for both reporting the issue and contributing! 💟
I have verified that this issue is fixed by using the locally built ssm.js in my project. A release with version 0.11.1 or later should have this fix.