application does not read profiles from config when credentials is missing
Opened this issue · 12 comments
10:54:06.151 › [main.js] AWS Config file exists = true at path /Users/***/.aws/config
10:54:06.167 › Error: ENOENT: no such file or directory, open '/Users/***/.aws/credentials'
I had to create an empty .aws/credentials
to have the app load the profiles defined in .aws/config
Hi @Laurian, thank you for submitting this bug.
Yes, application expects the presence of ~/.aws/credentials
file.
Out of curiosity, why you didn't have that file?
It kinda happened that way on a newly installed machine, just setup a single account with SSO and got only the config and not the credentials file
I see that's really uncommon, but can happen that someone has only SSO configuration.
Thanks again for submitting it. I will fix it in the next release :-)
Better error handling when there is no ~/.aws/credentials
file has been added in version 1.15.3
I see that this issue is still open so I'll just continue the conversation even though a release supposedly addressed the issue.
I'm using AWS SSO. I have it all set up and working on the CLI with many profiles. I use aws sso login --profile <my-profile>
to log in, which opens a browser window from which I can allow the authentication and I'm off to the races.
At no point do I use a .aws/credentials
file, nor would I want to as this will store credentials on disk. The aws sso login
process adds credentials to AWS_ACCESS_KEY_ID
and AWS_SECRET_ACCESS_KEY
.
How can I make this set up work with CloudPouch?
Hey @bwhaley I started working on this issue.
Indeed, right now CloudPouch expects ~/.aws/credentials
and without it crashes.
As a temporary work-around solution you can add ~/.aws/credentials
file with a FAKE credentials for default profiles
[default]
aws_access_key_id = FAKE
aws_secret_access_key = FAKE
cli_pager =
That will result in the error for this fake default
profile obviously :-)
but you would be able to select other profiles which are defined in the ~/.aws/config
.
Also, you don't need to execute the command aws sso login --profile <my-profile>
. CloudPouch opens a web browser tab for you with an authentication message when you click on an SSO profile.
This did the trick for me, thank you!
I do find that when I choose a profile, then select another, I'm asked to authenticate again. With SSO, I should only need to authenticate once. The same credentials should be valid for all the profiles.
Same here, using aws-vault to manage my credentials. Created a temporary [default] profile in ~/.aws/credentials file with AWS_REGION, AWS_DEFAUILT_REGION, AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY variables, but still seeing the error that no credentials are found.
Hey @peteroruba, thanks for trying out CloudPouch.
Have you defined it using lowercase?
As specified in the AWS docs for ~/.aws/credentials
.
[default]
aws_access_key_id = AKIAIOSFODNN7EXAMPLE
aws_secret_access_key = wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
@serverlesspolska thanks, that was it. For the record - I also had to add aws_session_token and now I am able to run it
I'm glad it solved the problem for you 😃
Regarding the aws_session_token
, I guess it's because your credentials are temporary, right?
Yes, exactly. I wanted to run it with my regular account for a quick evaluation, but for regular use a dedicated IAM user definitely makes more sense.