Cannot use credential_process on the default configuration #8860
Comments
luizbob
added
bug
tim-finnigan
added
the
investigating
|
Thanks for reaching out. Could you expand on this a bit more:
I'm trying to understand specifically what are the conditions in which this is and is not working. Also for reference here is documentation on using
(Also this documentation on credentials shows where custom processes are in the order of precedence.) |
tim-finnigan
added
response-requested
|
Basically, I followed this https://aws.amazon.com/blogs/security/access-aws-using-a-google-cloud-platform-native-workload-identity/ on how to configure for gcp VM instance. The files was as following: .aws/credentials Then I tested it, and got the logs that I provided. |
github-actions
bot
removed
the
response-requested
|
Thanks for following up. I saw |
tim-finnigan
added
response-requested
|
Greetings! It looks like this issue hasn’t been active in longer than five days. We encourage you to check if this is still an issue in the latest release. In the absence of more information, we will be closing this issue soon. If you find that this is still a problem, please feel free to provide a comment or upvote with a reaction on the initial post to prevent automatic closure. If the issue is already closed, please feel free to open a new one. |
github-actions
bot
added
the
closing-soon
|
Sorry for the delay on my response, I'll try the config. |
github-actions
bot
removed
closing-soon
tim-finnigan
added
the
response-requested
|
Greetings! It looks like this issue hasn’t been active in longer than five days. We encourage you to check if this is still an issue in the latest release. In the absence of more information, we will be closing this issue soon. If you find that this is still a problem, please feel free to provide a comment or upvote with a reaction on the initial post to prevent automatic closure. If the issue is already closed, please feel free to open a new one. |
github-actions
bot
added
closing-soon
Describe the bug
When I try to use the AWS default profile using credential_process the cli gets stuck on the process. My setup looks like this one available on the aws documentation on how to use the cli from a VM on GCP https://aws.amazon.com/blogs/security/access-aws-using-a-google-cloud-platform-native-workload-identity/
Config file:
Expected Behavior
Generated the credential and use the default configuration with credential_process
Current Behavior
The command frozes and nothing happens, if not stopped, the VM frozes.
debug_awscli.txt
Debug logs on the file above, command executed was
aws sts get-caller-identity --debugReproduction Steps
Follow the steps on this link: https://aws.amazon.com/blogs/security/access-aws-using-a-google-cloud-platform-native-workload-identity/ and change the config for instead of using a profile to be the default config.
Possible Solution
No response
Additional Information/Context
VM on Google cloud with a specific service account, if I try to use the setup as demonstrated on the documentation https://aws.amazon.com/blogs/security/access-aws-using-a-google-cloud-platform-native-workload-identity/ the config works as intended, but dont work when set as the default config
If the variable AWS_PROFILE is set as the profile that its configured with the credential_process, eg:
The same problem happens
CLI version used
aws-cli/2.17.26 Python/3.11.9
Environment details (OS name and version, etc.)
Ubuntu 24.04 LTS X64
The text was updated successfully, but these errors were encountered: