Does the daemon support SSO?

Question

Does the daemon support SSO?

jjdonov opened this issue 3 years ago · 2 comments

We are trying to use the daemon with SSO for local testing and are facing some issues.

2021-07-15T17:05:27-06:00 [Info] Initializing AWS X-Ray daemon 3.3.2
2021-07-15T17:05:27-06:00 [Info] Using buffer memory limit of 163 MB
2021-07-15T17:05:27-06:00 [Info] 2608 segment buffers allocated
2021-07-15T17:05:27-06:00 [Info] Using region: us-west-2
2021-07-15T17:05:27-06:00 [Info] HTTP Proxy server using X-Ray Endpoint : https://xray.us-west-2.amazonaws.com
2021-07-15T17:05:27-06:00 [Info] Starting proxy http server on 127.0.0.1:2000
2021-07-15T17:07:39-06:00 [Error] Unable to sign request: NoCredentialProviders: no valid providers in chain. Deprecated.

From what I understand, the go sdk supports SSO but does the aws-xray-daemon implement this functionality?

My credentials file looks like

[profile <redacted>]
sso_start_url = <redacted>
sso_region = us-west-2
sso_account_id = <redacted>
sso_role_name = <redacted>
region = <redacted>

And we are invoking the daemon with ./xray_mac -o -n us-west-2

Answer 1 · 2021-07-16T00:19:35.000Z

Hi @jjdonov,

X-Ray Daemon does not support SSO credential currently it is consuming aws-sdk-go v1.29.29. However, SSO credential provider support released in v1.37.0 release. I will mark this issue as an enhancement to update the aws-sdk-go dependency version in X-Ray Daemon.

Answer 2 · 2023-07-12T11:20:40.000Z

I think found a workaround in the 3.3.7 version of the daemon. It's ugly, but it seems to work.
Here's the long story: #200 (comment)