Skip to content

granted refuses to work correctly on Windows Powershell #836

New issue
New issue
Open
Open
granted refuses to work correctly on Windows Powershell#836
@safa-a-safa

Description

@safa-a-safa
safa-a-safa
opened on Mar 6, 2025

granted version: 0.38.0
Windows 11
PowerShell: 7.5.0

Im running into this issue:

Image

Running granted doctor:

`❯ granted doctor

[i] Checking your Granted and AWS local configurations to look for common issues...

? Please select the profile you would like to assume: staging
[i] profile selected: staging

[i] profile SSO start URL: https://acme.awsapps.com/start

[i] profile region: eu-west-2

[i] Granted doctor will now check the default sso token cache (~/.aws/sso/cache), Granted secure storage, and the AWS credentials file to valiate cached tokens.

[i] Checking all cached credentials in /.aws/sso/cache

[i] cached token for https://acme.awsapps.com/start is valid. Testing token using sts now...

[✔] [VALID] Credentials found for https://acme.awsapps.com/start are still valid

[i] Checking all cached tokens in secure storage

[✘] [FAILED] Credentials found for were not expired but failed sts api call
[!] [INFO] no cached tokens in secure storage found

[i] Checking commonly found issues in Granted configuration

[!] [INFO] DefaultExportAllEnvVar set to false: AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, and AWS_SESSION_TOKEN variables will not be exported to your environment for profiles using credential process. Set this to true if you need this functionality

[✔] Granted Doctor has completed, see diagnostics above`

Running granted settings:

`❯ granted.exe settings
SETTING VALUE
update-checker-api-url

AccessRequestURL

AWSConsoleBrowserLaunchTemplate

SSOBrowserLaunchTemplate

Ordering

ExportCredsToAWS false

CustomSSOBrowserPath

Keyring map[Backend: FileDir: KeychainName: LibSecretCollectionName: PassDir:]

ProfileRegistryURLS []

DefaultExportAllEnvVar false

ProfileRegistry map[PrefixAllProfiles:false PrefixDuplicateProfiles:false Registries:[] RequiredKeys:map[] SessionName: Variables:map[]]

CredentialProcessAutoLogin true

SSO map[]

DefaultBrowser FIREFOX

CommonFateDefaultSSOStartURL

CommonFateDefaultSSORegion

DisableCredentialProcessCache false

CustomBrowserPath \Program Files\Mozilla Firefox\firefox.exe

ExportCredentialSuffix

ExportSSOToken false

DisableUsageTips false`

Sample of my .aws/config file:

`[sso-session acme-sso-auth]
sso_start_url = https://acme.awsapps.com/start
sso_region = eu-west-2
sso_registration_scopes = sso:account:access

[profile staging]
region = eu-west-2
output = json
sso_account_id = 111111111111
sso_session = acme-sso-auth
sso_role_name = infrastructure
`

Can anyone point me into the right direction please?

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions