Running into the issue where SSO is not configured. Appears to be trying to use my default profile from the aws credentials file. Is there a way to specify a different profile?

(node:43368) UnhandledPromiseRejectionWarning: ForbiddenException, AccessDeniedException: User: arn:aws:iam::34534534345343:user is not authorized to perform

Thanks for raising this and apologies for the slow response. This is now fixed and will be released shortly

Hi @ljacobsson and thanks for your lib, looks awesome :)

I'm running into issue using the --profile option

As you can see from screenshot above, I ensured profile was indeed defined in my configuration, however I can't get it to be used by evb.

Can you help ?

@ljacobsson I know it’s not strictly the purpose of this project, but a “setup with IAM” part of the readme would be really helpful. I’m currently struggling to get evb-cli to run without SSO.

@j4zz

Can you try v1.1.36? Just fixed a bug in the credentials chain.

No instructions should be needed

@fredericbarthelet

Can you try again? I can't reproduce your issue.

If it still persists can you please paste a censored version of your ~/.aws/config file?

@ljacobsson I’m still having an issue getting this to work. Fully admitting to the possibility that there is some configuration hickup on my system, though.

aws iam get-user returns the correct UserId/Accoutn/Arn.

Any evb command I’ve tried so far errors out with the following:

$ evb -v 
1.1.36
$ evb input --format json
(node:49224) UnhandledPromiseRejectionWarning: BadRequest: The security token included in the request is invalid.
    at Object.extractError (/Users/j4zz/.nvm/versions/node/v14.15.5/lib/node_modules/@mhlabs/evb-cli/node_modules/aws-sdk/lib/protocol/json.js:52:27)
    at Request.extractError (/Users/j4zz/.nvm/versions/node/v14.15.5/lib/node_modules/@mhlabs/evb-cli/node_modules/aws-sdk/lib/protocol/rest_json.js:55:8)
    at Request.callListeners (/Users/j4zz/.nvm/versions/node/v14.15.5/lib/node_modules/@mhlabs/evb-cli/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
    at Request.emit (/Users/j4zz/.nvm/versions/node/v14.15.5/lib/node_modules/@mhlabs/evb-cli/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (/Users/j4zz/.nvm/versions/node/v14.15.5/lib/node_modules/@mhlabs/evb-cli/node_modules/aws-sdk/lib/request.js:688:14)
    at Request.transition (/Users/j4zz/.nvm/versions/node/v14.15.5/lib/node_modules/@mhlabs/evb-cli/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/Users/j4zz/.nvm/versions/node/v14.15.5/lib/node_modules/@mhlabs/evb-cli/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /Users/j4zz/.nvm/versions/node/v14.15.5/lib/node_modules/@mhlabs/evb-cli/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/Users/j4zz/.nvm/versions/node/v14.15.5/lib/node_modules/@mhlabs/evb-cli/node_modules/aws-sdk/lib/request.js:38:9)
    at Request.<anonymous> (/Users/j4zz/.nvm/versions/node/v14.15.5/lib/node_modules/@mhlabs/evb-cli/node_modules/aws-sdk/lib/request.js:690:12)

@j4zz I'm finding it hard to reproduce this.

What authentication mechanism do you use? Just normal access/secret key?

@ljacobsson Upon further investigation it could have been a profile choice/detection mismatch. If I align ~/.aws/config with ~/.aws/credentials for the default profile the issue is solved, so it could have been a configuration issue on my end.

From my perspective it works now, this issue can be closed and I’m happy to finally start using evb-cli. 🎉

Awesome!

Thanks for reporting anyway :-) Working with the aws-cli credentials config can be a pain

Closing this issue 🎉