Skip to content

Support for AWS credential from environment variables #108

New issue
New issue
Open
Open
Support for AWS credential from environment variables#108
@sneakybeaky

Description

@sneakybeaky
sneakybeaky
opened on Oct 23, 2020

Hi,

We use aws-vault so that we don't store our AWS credentials in plain text on our workstations. It looks like you don't currently support using AWS credential environment variables, which means we're stuck.

This shows the invocation of aws-vault showing the env vars being set :

$ aws-vault exec profilename -- env
......
AWS_ACCESS_KEY_ID=xxxxx
AWS_SECRET_ACCESS_KEY=xxxxx
AWS_SESSION_TOKEN=xxxxxx
AWS_SECURITY_TOKEN=xxxxxxx
AWS_SESSION_EXPIRATION=2020-10-23T14:42:02Z

But when we use with lumigo-cli we get this error

$ DEBUG=* aws-vault exec profilename -- lumigo-cli powertune-lambda \
    -r eu-west-2 \
    -p lnp \
    -n powertune-lambda-s3copy-eu-west-2-dev \
    -s balanced \
    -f /Users/jonbarber/work/spikes/s3copy-storybook/examples/update.json \
    -o update-result.json \
    -z > /dev/null
......
CredentialsError: Missing credentials in config, if using AWS_CONFIG_FILE, set AWS_SDK_LOAD_CONFIG=1
    at SharedIniFileCredentials.load (/Users/jonbarber/work/spikes/s3copy-storybook/node_modules/aws-sdk/lib/credentials/shared_ini_file_credentials.js:103:11)
    at SharedIniFileCredentials.coalesceRefresh (/Users/jonbarber/work/spikes/s3copy-storybook/node_modules/aws-sdk/lib/credentials.js:205:12)
    at SharedIniFileCredentials.refresh (/Users/jonbarber/work/spikes/s3copy-storybook/node_modules/aws-sdk/lib/credentials/shared_ini_file_credentials.js:170:10)
    at SharedIniFileCredentials.get (/Users/jonbarber/work/spikes/s3copy-storybook/node_modules/aws-sdk/lib/credentials.js:122:12)
    at getAsyncCredentials (/Users/jonbarber/work/spikes/s3copy-storybook/node_modules/aws-sdk/lib/config.js:398:24)
    at Config.getCredentials (/Users/jonbarber/work/spikes/s3copy-storybook/node_modules/aws-sdk/lib/config.js:418:9)
    at Request.VALIDATE_CREDENTIALS (/Users/jonbarber/work/spikes/s3copy-storybook/node_modules/aws-sdk/lib/event_listeners.js:81:26)
    at Request.callListeners (/Users/jonbarber/work/spikes/s3copy-storybook/node_modules/aws-sdk/lib/sequential_executor.js:102:18)
    at Request.emit (/Users/jonbarber/work/spikes/s3copy-storybook/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (/Users/jonbarber/work/spikes/s3copy-storybook/node_modules/aws-sdk/lib/request.js:688:14)

This is pretty much a blocker for us using this great utility. Could support for getting AWS credentials this way be added please ?

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions