Something seems to have changed with v1.2.0 and environment variables aren't being pic

Yep, looks good from my end too - thanks <a class="user-mention notranslate" data-hove

<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/us

Thanks <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-u

<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/us

Hey guys, I've raised <a href="https://github.com/gjbae1212/gossm/pull/21" data-hoverc

Environment variables not being used about gossm HOT 10 CLOSED

gjbae1212 commented on May 26, 2024 2

Environment variables not being used

from gossm.

Comments (10)

jonasneves commented on May 26, 2024 1

I use temporary AWS credentials via env vars as well and I've been having the same issue:

$ gossm start

RequestExpired: Request has expired.
	status code: 400, request id: 2b17a0f6-88ca-454c-a2d4-5a2750362bd1

I can run any command with awscli without any issues:

$ aws sts get-caller-identity

{
    "UserId": "AXXXXXXXX:[email protected]",
    "Account": "8000000000",
    "Arn": "arn:aws:sts::800000000:assumed-role/Role/[email protected]"
}

from gossm.

toshimaru commented on May 26, 2024 1

I confirmed the issue has been resolved on version v1.2.3.
thanks @tedsmitt . <3

from gossm.

mogopz commented on May 26, 2024 1

Yep, looks good from my end too - thanks @tedsmitt!

from gossm.

gjbae1212 commented on May 26, 2024

@mogggggg
Maybe it' need to additonal ssm:DescribeInstanceInformation permission.
ssm:DescribeInstanceInformation is using to find possible instances that can access over ssm-agent.

from gossm.

mogopz commented on May 26, 2024

@gjbae1212
But if it was using the account details from the environment variables it shouldn't need that, right? The account I'm assuming has the Administrator role.

I'm also not sure why the permissions would be different between v1.20 and v1.1.1?

from gossm.

gjbae1212 commented on May 26, 2024

@mogggggg
gossm with v1.20 have added new feature used ssm:DescribeInstanceInformation.
#15

from gossm.

mogopz commented on May 26, 2024

Thanks @gjbae1212, unfortunately I still don't think it's working as intended.
The role I'm assuming via env vars has the AdministratorAccess policy attached to it so I shouldn't need to add any new permissions.

The issue seems to be that gossm isn't looking at these env vars anymore.
I've just attached the AdministratorAccess to my user defined in ~/.aws/credentials and it now looks like gossm is at working but it's looking at that AWS account (which has no EC2 resources in it) instead of the one where I've assumed the role.

➜ gossm start
[start-session] profile: default, region: ap-southeast-2, target:
InvalidParameter: 1 validation error(s) found.
- minimum field size of 1, StartSessionInput.Target.

If I use the previous version of gossm it works fine, so I think this is a bug.

from gossm.

gjbae1212 commented on May 26, 2024

@mogggggg
Refined a little of code.
Test it with gossm v1.2.1.

from gossm.

mogopz commented on May 26, 2024

@gjbae1212
Wow, you're so fast!
Unfortunately I'm getting the same problem. Here's a snippet comparing between v1.2.1 and v1.1.0

➜ ./gossm-1-2-1 start
[update] aws ssm plugin
UnauthorizedOperation: You are not authorized to perform this operation.
	status code: 403, request id: de97146c-f579-415b-a803-6975a0e3ca50

➜ ./gossm-1-1-0 start
[update] aws ssm plugin
? Choose a target in AWS:  [Use arrows to move, type to filter]
<big list of all my instances>

from gossm.

tedsmitt commented on May 26, 2024

Hey guys, I've raised a PR to fix this.

from gossm.

Environment variables not being used about gossm HOT 10 CLOSED

Comments (10)

Related Issues (20)

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent