Giter Club home page Giter Club logo

Comments (2)

debora-ito avatar debora-ito commented on July 19, 2024

Hi @gitissuepost thank you for reaching out.

In order to troubleshoot this further, can you please provide the following:

(1) Full stacktrace showing the error "Unable to load SSO token"
(2) How the config file looks like with your sso credentials - please don't share real values of the credentials. As an example, I used this to test sso locally in my machine, and I can call RunInstances successfully:

[profile dev]
sso_session = my-sso
sso_account_id = xxx
sso_role_name = xxx

[sso-session my-sso]
sso_region = us-east-2
sso_start_url = https://xxx.awsapps.com/start

(3) Does it work if you use ProfileCredentialsProvider instead?

Ec2Client ec2 = Ec2Client.builder()
            .region(region)
            .credentialsProvider(ProfileCredentialsProvider.create("dev"))
            .build();

from aws-sdk-java-v2.

gitissuepost avatar gitissuepost commented on July 19, 2024

@debora-ito :

Below is the stack trace
Exception in thread "main" software.amazon.awssdk.core.exception.SdkClientException: Unable to load SSO token at software.amazon.awssdk.core.exception.SdkClientException$BuilderImpl.build(SdkClientException.java:111) at software.amazon.awssdk.core.exception.SdkClientException.create(SdkClientException.java:43) at software.amazon.awssdk.services.ssooidc.SsoOidcTokenProvider.lambda$getDefaultSsoTokenRetriever$3(SsoOidcTokenProvider.java:221) at java.base/java.util.Optional.orElseThrow(Optional.java:408) at software.amazon.awssdk.services.ssooidc.SsoOidcTokenProvider.lambda$getDefaultSsoTokenRetriever$4(SsoOidcTokenProvider.java:221) at software.amazon.awssdk.awscore.internal.token.CachedTokenRefresher.refreshAndGetTokenFromSupplier(CachedTokenRefresher.java:81) at software.amazon.awssdk.awscore.internal.token.CachedTokenRefresher.refreshResult(CachedTokenRefresher.java:89) at software.amazon.awssdk.utils.cache.CachedSupplier.lambda$jitteredPrefetchValueSupplier$8(CachedSupplier.java:300) at software.amazon.awssdk.utils.cache.CachedSupplier$PrefetchStrategy.fetch(CachedSupplier.java:448) at software.amazon.awssdk.utils.cache.CachedSupplier.refreshCache(CachedSupplier.java:208) at software.amazon.awssdk.utils.cache.CachedSupplier.get(CachedSupplier.java:135) at software.amazon.awssdk.awscore.internal.token.CachedTokenRefresher.refreshIfStaleAndFetch(CachedTokenRefresher.java:76) at software.amazon.awssdk.services.ssooidc.SsoOidcTokenProvider.resolveToken(SsoOidcTokenProvider.java:96) at software.amazon.awssdk.services.ssooidc.SsoOidcProfileTokenProviderFactory$SsoOidcProfileTokenProvider.resolveToken(SsoOidcProfileTokenProviderFactory.java:148) at software.amazon.awssdk.auth.token.internal.ProfileTokenProviderLoader.lambda$ssoProfileCredentialsProvider$0(ProfileTokenProviderLoader.java:67) at software.amazon.awssdk.auth.token.credentials.ProfileTokenProvider.resolveToken(ProfileTokenProvider.java:111) at software.amazon.awssdk.auth.token.internal.LazyTokenProvider.resolveToken(LazyTokenProvider.java:45) at software.amazon.awssdk.services.sso.auth.SsoProfileCredentialsProviderFactory$SsoProfileCredentialsProvider.<init>(SsoProfileCredentialsProviderFactory.java:107) at software.amazon.awssdk.services.sso.auth.SsoProfileCredentialsProviderFactory$SsoProfileCredentialsProvider.<init>(SsoProfileCredentialsProviderFactory.java:88) at software.amazon.awssdk.services.sso.auth.SsoProfileCredentialsProviderFactory.create(SsoProfileCredentialsProviderFactory.java:68) at software.amazon.awssdk.auth.credentials.internal.ProfileCredentialsUtils.ssoProfileCredentialsProvider(ProfileCredentialsUtils.java:191) at software.amazon.awssdk.auth.credentials.internal.ProfileCredentialsUtils.credentialsProvider(ProfileCredentialsUtils.java:120) at software.amazon.awssdk.auth.credentials.internal.ProfileCredentialsUtils.credentialsProvider(ProfileCredentialsUtils.java:102) at software.amazon.awssdk.auth.credentials.ProfileCredentialsProvider.lambda$createCredentialsProvider$1(ProfileCredentialsProvider.java:169) at java.base/java.util.Optional.flatMap(Optional.java:294) at software.amazon.awssdk.auth.credentials.ProfileCredentialsProvider.createCredentialsProvider(ProfileCredentialsProvider.java:169) at software.amazon.awssdk.auth.credentials.ProfileCredentialsProvider.handleProfileFileReload(ProfileCredentialsProvider.java:135) at software.amazon.awssdk.auth.credentials.ProfileCredentialsProvider.resolveCredentials(ProfileCredentialsProvider.java:126) at software.amazon.awssdk.auth.credentials.AwsCredentialsProvider.resolveIdentity(AwsCredentialsProvider.java:54) at software.amazon.awssdk.identity.spi.IdentityProvider.resolveIdentity(IdentityProvider.java:60) at software.amazon.awssdk.awscore.internal.authcontext.AwsCredentialsAuthorizationStrategy.lambda$resolveCredentials$2(AwsCredentialsAuthorizationStrategy.java:112) at software.amazon.awssdk.core.internal.util.MetricUtils.measureDuration(MetricUtils.java:60) at software.amazon.awssdk.awscore.internal.authcontext.AwsCredentialsAuthorizationStrategy.resolveCredentials(AwsCredentialsAuthorizationStrategy.java:112) at software.amazon.awssdk.awscore.internal.authcontext.AwsCredentialsAuthorizationStrategy.addCredentialsToExecutionAttributes(AwsCredentialsAuthorizationStrategy.java:85) at software.amazon.awssdk.awscore.internal.AwsExecutionContextBuilder.invokeInterceptorsAndCreateExecutionContext(AwsExecutionContextBuilder.java:138) at software.amazon.awssdk.awscore.client.handler.AwsSyncClientHandler.invokeInterceptorsAndCreateExecutionContext(AwsSyncClientHandler.java:67) at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.lambda$execute$1(BaseSyncClientHandler.java:76) at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.measureApiCallSuccess(BaseSyncClientHandler.java:182) at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.execute(BaseSyncClientHandler.java:74) at software.amazon.awssdk.core.client.handler.SdkSyncClientHandler.execute(SdkSyncClientHandler.java:45) at software.amazon.awssdk.awscore.client.handler.AwsSyncClientHandler.execute(AwsSyncClientHandler.java:53) at software.amazon.awssdk.services.ec2.DefaultEc2Client.runInstances(DefaultEc2Client.java:34428) at org.example.Main.createEC2Instance(Main.java:37) at org.example.Main.main(Main.java:24)

My config file looks like below
`
[sso-session dev-aws-iam]
sso_start_url=https://xxxxxx-yyyyyyy.awsapps.com/start#/
sso_region=xxxxxxxxx
sso_registration_scopes=sso:account:access

[profile dev-aws-iam-xxxxxxxx]
sso_session=dev-aws-iam
sso_account_id=xxxxxxxxxxxx
sso_role_name=xxxxxxxx
`

The java class as below

`
import software.amazon.awssdk.auth.credentials.ProfileCredentialsProvider;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.ec2.Ec2Client;
import software.amazon.awssdk.services.ec2.model.*;
public class Main {
static Region region = Region.XXXXXXX;
public static void main(String[] args) {
String name = "Sample";
String amiId = "ami-xxxxx";

    Ec2Client ec2 = Ec2Client.builder()
            .region(region)
            .credentialsProvider(ProfileCredentialsProvider.create("dev-aws-iam-xxxxxxxx"))
            .build();
    String instanceId = createEC2Instance(ec2, name, amiId);
    System.out.println("The Amazon EC2 Instance ID is " + instanceId);
    ec2.close();
}
public static String createEC2Instance(Ec2Client ec2, String name, String amiId) {
    RunInstancesRequest runRequest = RunInstancesRequest.builder()
            .imageId(amiId)
            .instanceType(InstanceType.T1_MICRO)
            .maxCount(1)
            .minCount(1)
            .build();

    RunInstancesResponse response = ec2.runInstances(runRequest);
    String instanceId = response.instances().get(0).instanceId();
    Tag tag = Tag.builder()
            .key("Name")
            .value(name)
            .build();
    CreateTagsRequest tagRequest = CreateTagsRequest.builder()
            .resources(instanceId)
            .tags(tag)
            .build();
    try {
        ec2.createTags(tagRequest);
        System.out.printf("Successfully started EC2 Instance %s based on AMI %s", instanceId, amiId);
        return instanceId;
    } catch (Ec2Exception e) {
        System.err.println(e.awsErrorDetails().errorMessage());
        System.exit(1);
    }
    return "";
}

}
`

from aws-sdk-java-v2.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.