Comments (2)
Hi @gitissuepost thank you for reaching out.
In order to troubleshoot this further, can you please provide the following:
(1) Full stacktrace showing the error "Unable to load SSO token"
(2) How the config
file looks like with your sso credentials - please don't share real values of the credentials. As an example, I used this to test sso locally in my machine, and I can call RunInstances successfully:
[profile dev]
sso_session = my-sso
sso_account_id = xxx
sso_role_name = xxx
[sso-session my-sso]
sso_region = us-east-2
sso_start_url = https://xxx.awsapps.com/start
(3) Does it work if you use ProfileCredentialsProvider instead?
Ec2Client ec2 = Ec2Client.builder()
.region(region)
.credentialsProvider(ProfileCredentialsProvider.create("dev"))
.build();
from aws-sdk-java-v2.
Below is the stack trace
Exception in thread "main" software.amazon.awssdk.core.exception.SdkClientException: Unable to load SSO token at software.amazon.awssdk.core.exception.SdkClientException$BuilderImpl.build(SdkClientException.java:111) at software.amazon.awssdk.core.exception.SdkClientException.create(SdkClientException.java:43) at software.amazon.awssdk.services.ssooidc.SsoOidcTokenProvider.lambda$getDefaultSsoTokenRetriever$3(SsoOidcTokenProvider.java:221) at java.base/java.util.Optional.orElseThrow(Optional.java:408) at software.amazon.awssdk.services.ssooidc.SsoOidcTokenProvider.lambda$getDefaultSsoTokenRetriever$4(SsoOidcTokenProvider.java:221) at software.amazon.awssdk.awscore.internal.token.CachedTokenRefresher.refreshAndGetTokenFromSupplier(CachedTokenRefresher.java:81) at software.amazon.awssdk.awscore.internal.token.CachedTokenRefresher.refreshResult(CachedTokenRefresher.java:89) at software.amazon.awssdk.utils.cache.CachedSupplier.lambda$jitteredPrefetchValueSupplier$8(CachedSupplier.java:300) at software.amazon.awssdk.utils.cache.CachedSupplier$PrefetchStrategy.fetch(CachedSupplier.java:448) at software.amazon.awssdk.utils.cache.CachedSupplier.refreshCache(CachedSupplier.java:208) at software.amazon.awssdk.utils.cache.CachedSupplier.get(CachedSupplier.java:135) at software.amazon.awssdk.awscore.internal.token.CachedTokenRefresher.refreshIfStaleAndFetch(CachedTokenRefresher.java:76) at software.amazon.awssdk.services.ssooidc.SsoOidcTokenProvider.resolveToken(SsoOidcTokenProvider.java:96) at software.amazon.awssdk.services.ssooidc.SsoOidcProfileTokenProviderFactory$SsoOidcProfileTokenProvider.resolveToken(SsoOidcProfileTokenProviderFactory.java:148) at software.amazon.awssdk.auth.token.internal.ProfileTokenProviderLoader.lambda$ssoProfileCredentialsProvider$0(ProfileTokenProviderLoader.java:67) at software.amazon.awssdk.auth.token.credentials.ProfileTokenProvider.resolveToken(ProfileTokenProvider.java:111) at software.amazon.awssdk.auth.token.internal.LazyTokenProvider.resolveToken(LazyTokenProvider.java:45) at software.amazon.awssdk.services.sso.auth.SsoProfileCredentialsProviderFactory$SsoProfileCredentialsProvider.<init>(SsoProfileCredentialsProviderFactory.java:107) at software.amazon.awssdk.services.sso.auth.SsoProfileCredentialsProviderFactory$SsoProfileCredentialsProvider.<init>(SsoProfileCredentialsProviderFactory.java:88) at software.amazon.awssdk.services.sso.auth.SsoProfileCredentialsProviderFactory.create(SsoProfileCredentialsProviderFactory.java:68) at software.amazon.awssdk.auth.credentials.internal.ProfileCredentialsUtils.ssoProfileCredentialsProvider(ProfileCredentialsUtils.java:191) at software.amazon.awssdk.auth.credentials.internal.ProfileCredentialsUtils.credentialsProvider(ProfileCredentialsUtils.java:120) at software.amazon.awssdk.auth.credentials.internal.ProfileCredentialsUtils.credentialsProvider(ProfileCredentialsUtils.java:102) at software.amazon.awssdk.auth.credentials.ProfileCredentialsProvider.lambda$createCredentialsProvider$1(ProfileCredentialsProvider.java:169) at java.base/java.util.Optional.flatMap(Optional.java:294) at software.amazon.awssdk.auth.credentials.ProfileCredentialsProvider.createCredentialsProvider(ProfileCredentialsProvider.java:169) at software.amazon.awssdk.auth.credentials.ProfileCredentialsProvider.handleProfileFileReload(ProfileCredentialsProvider.java:135) at software.amazon.awssdk.auth.credentials.ProfileCredentialsProvider.resolveCredentials(ProfileCredentialsProvider.java:126) at software.amazon.awssdk.auth.credentials.AwsCredentialsProvider.resolveIdentity(AwsCredentialsProvider.java:54) at software.amazon.awssdk.identity.spi.IdentityProvider.resolveIdentity(IdentityProvider.java:60) at software.amazon.awssdk.awscore.internal.authcontext.AwsCredentialsAuthorizationStrategy.lambda$resolveCredentials$2(AwsCredentialsAuthorizationStrategy.java:112) at software.amazon.awssdk.core.internal.util.MetricUtils.measureDuration(MetricUtils.java:60) at software.amazon.awssdk.awscore.internal.authcontext.AwsCredentialsAuthorizationStrategy.resolveCredentials(AwsCredentialsAuthorizationStrategy.java:112) at software.amazon.awssdk.awscore.internal.authcontext.AwsCredentialsAuthorizationStrategy.addCredentialsToExecutionAttributes(AwsCredentialsAuthorizationStrategy.java:85) at software.amazon.awssdk.awscore.internal.AwsExecutionContextBuilder.invokeInterceptorsAndCreateExecutionContext(AwsExecutionContextBuilder.java:138) at software.amazon.awssdk.awscore.client.handler.AwsSyncClientHandler.invokeInterceptorsAndCreateExecutionContext(AwsSyncClientHandler.java:67) at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.lambda$execute$1(BaseSyncClientHandler.java:76) at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.measureApiCallSuccess(BaseSyncClientHandler.java:182) at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.execute(BaseSyncClientHandler.java:74) at software.amazon.awssdk.core.client.handler.SdkSyncClientHandler.execute(SdkSyncClientHandler.java:45) at software.amazon.awssdk.awscore.client.handler.AwsSyncClientHandler.execute(AwsSyncClientHandler.java:53) at software.amazon.awssdk.services.ec2.DefaultEc2Client.runInstances(DefaultEc2Client.java:34428) at org.example.Main.createEC2Instance(Main.java:37) at org.example.Main.main(Main.java:24)
My config file looks like below
`
[sso-session dev-aws-iam]
sso_start_url=https://xxxxxx-yyyyyyy.awsapps.com/start#/
sso_region=xxxxxxxxx
sso_registration_scopes=sso:account:access
[profile dev-aws-iam-xxxxxxxx]
sso_session=dev-aws-iam
sso_account_id=xxxxxxxxxxxx
sso_role_name=xxxxxxxx
`
The java class as below
`
import software.amazon.awssdk.auth.credentials.ProfileCredentialsProvider;
import software.amazon.awssdk.regions.Region;
import software.amazon.awssdk.services.ec2.Ec2Client;
import software.amazon.awssdk.services.ec2.model.*;
public class Main {
static Region region = Region.XXXXXXX;
public static void main(String[] args) {
String name = "Sample";
String amiId = "ami-xxxxx";
Ec2Client ec2 = Ec2Client.builder()
.region(region)
.credentialsProvider(ProfileCredentialsProvider.create("dev-aws-iam-xxxxxxxx"))
.build();
String instanceId = createEC2Instance(ec2, name, amiId);
System.out.println("The Amazon EC2 Instance ID is " + instanceId);
ec2.close();
}
public static String createEC2Instance(Ec2Client ec2, String name, String amiId) {
RunInstancesRequest runRequest = RunInstancesRequest.builder()
.imageId(amiId)
.instanceType(InstanceType.T1_MICRO)
.maxCount(1)
.minCount(1)
.build();
RunInstancesResponse response = ec2.runInstances(runRequest);
String instanceId = response.instances().get(0).instanceId();
Tag tag = Tag.builder()
.key("Name")
.value(name)
.build();
CreateTagsRequest tagRequest = CreateTagsRequest.builder()
.resources(instanceId)
.tags(tag)
.build();
try {
ec2.createTags(tagRequest);
System.out.printf("Successfully started EC2 Instance %s based on AMI %s", instanceId, amiId);
return instanceId;
} catch (Ec2Exception e) {
System.err.println(e.awsErrorDetails().errorMessage());
System.exit(1);
}
return "";
}
}
`
from aws-sdk-java-v2.
Related Issues (20)
- Unable to execute HTTP request: Unrecognized SSL message, plaintext connection HOT 6
- How to pass AWSSessionCredentialsProvider in aws-sdk-java-v2 HOT 1
- [put-object] when set readlimit, error raised: java.io.IOException: No position has been marked HOT 2
- `S3TransferManager` / `S3AsyncClient` does not seem to use `SdkAdvancedAsyncClientOption.FUTURE_COMPLETION_EXECUTOR`'s `Executor`. HOT 1
- S3TransferManager - Support download / upload resume in the event of host machine power loss HOT 1
- service is crashed while uploading large files to S3 using aws sdk2 HOT 7
- Add support of Request-level credentials override in DefaultS3CrtAsyncClient
- S3 download leak connection
- AWS Java SDK v2 does not respect AWS_MAX_ATTEMPTS HOT 1
- How to configure KMS vpc endpoint while creating s3Encryption client and s3async client
- DynamoDB Enhanced: Support schema mixins
- In S3 library `ResponseInputStream<?>` doesn't seem to support the `InputSteam` `int read(byte[] buffer)` method correctly
- DynamoDB enhanced client - Add "Select" in ScanEnhancedRequest (short issue description)
- Add support of Request-level overrideConfiguration in s3 async multipart upload
- CRaC support for AWS SDK for Java
- equivalent of static RetryCondition defaultRetryCondition() HOT 5
- InternetGatewayAttachment state and stateAsString mismatch HOT 2
- Support for IP Ranges in NO_PROXY Environment Variable
- DynamoDbEnhancedAsyncClient#createTable() fails to generate secondary indexes HOT 2
- AwsV4HttpSigner does not contain all features from Aws4Signer
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aws-sdk-java-v2.