-
Notifications
You must be signed in to change notification settings - Fork 263
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SIGSEGV when trying to use current head version with multi-profile and mfa #196
Comments
@deinspanjer Thanks for reporting and sorry for the delay!! (I got resourced on another project). Also I do not know which 2 versions (commit sha) you ran, I am pretty sure that it has to do with this commit. I shall be fixing that today. |
Okay, happy to test it out. If necessary, I can probably go back and figure out the specific commits I was working against. |
@deinspanjer Thanks for helping. It would be better if you give it a try with the latest master and show me the output. (Partial fix above should avoid nil reference and print what is wrong with the config I hope). Can you do that? |
Hmm.. well, I tried a simple
|
Okay, installing via go worked fine. Here is the (sanitized) output I get from exercising the two profiles:
|
Thanks! To clarify, the check that we make is only to detect if a region is in the running embedded profile as shown here. The code for this check is legit but I am guessing some loading options are missing in the @deinspanjer Can you confirm your configuration in If yes, on my side I will try some options to not fail on loading configuration such as yours. |
Yes, the config definitely works fine with core aws cli as well as boto3 and other libraries/utils. Also note that awless actually successfully performs whatever operations are requested, it just gives that error first in the current version, and in the version released in brew on March 1, it gave no error at all. |
Here is the .aws/config and .aws.credentials file structures I'm running with: config:
credentials:
|
I found an issue in the k8s github that mentions an AssumeRoleTokenProvider option added a few months back: kubernetes/kops#226 (comment) I'll try that out real quick and see if it has any effect. Okay, I don't know the full ramifications of the change, but adding that option does definitely eliminate the error: |
Thanks for the input! I will have a look at that. In the meantime, using the current master will only print out the error. Everything should work fine expect when you have an embedded region in that config profile: in that case awless will not pick up the region. That is what need to be fixed. |
This is the right fix concerning When I implemented the code to look for an embedded region I overlook this option! So your PR is valid and I will merge it. I will also revert back to returning an error instead of printing it (i.e. used for debugging that issue) |
It got closed automatically! @deinspanjer Anyway you can pull master that contains a commit and your PR. Any issues let me know. And thanks for the work. Hopefully the version 0.1.10 should be out soon. |
I've had a working setup for a while like this:
~/.aws/credentials
[default]
key_id/access with read-only privs
[me_mfa]
key_id/access for my aws role which requires mfa
~/.aws/config
[profile me]
source_profile = me_mfa
role_arn = ..Admin..
mfa_serial .../me
I did a go get -u today and the default profile was working fine, but when I tried to do anything with my me account, either by passing
-p me
or by usingawl switch
, it immediately returned a SIGSEGV:I tried reverting back to the latest release installed view Homebrew and it works fine.
Please let me know what other info you might want to track this down.
The text was updated successfully, but these errors were encountered: