Questions tagged with Developer Tools

Content language: English

Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

SDK and ChainableTemporaryCredentials

Hi, I already posted my problem in: https://stackoverflow.com/questions/73702466/chainabletemporarycredentials-getpromise-and-missing-credentials-in-config-if-u Basically it is the following. When I use ``` const credentials = new ChainableTemporaryCredentials({ params: { RoleArn: 'arn:aws:iam::${this.accountId}:role/${this.targetRoleName}', RoleSessionName: this.targetRoleName, }, masterCredentials: new WebIdentityCredentials({ RoleArn: 'arn:aws:iam::<proxyAccountId>:role/<proxyRoleName>', RoleSessionName: this.proxyRoleName, WebIdentityToken: token, }), }) await credentials.getPromise() ``` with `token` a a token received from GCP-cloud do I still need some kind of AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY in my environment? I don't think so, since the idea of the token is to grant access exactly without such credentials. Right? (In the codeblock above I had to manipulate some charaters because the code-template here in the forum had some difficulties withe original 1:1 code...) At runtime I get always an error message: `Missing credentials in config, if using AWS_CONFIG_FILE, set AWS_SDK_LOAD_CONFIG=1` I think I have not to use AWS_CONFIG_FILE: My application runs in GCP and just want access AWS via STS. My token looks good so far as I would assess: ``` { "aud": <here my email address of the service account in GCP>, "azp": "21 digit number", "email": <same email as under "aud">, "email_verified": true, "exp": <10 digit number>, "iat": <10 digit number>, "iss": "https://accounts.google.com", "sub": "<same number as under azp>" } ``` Are my expectations wrong? What is the reason for the error message? Best regards Thomas
2
answers
0
votes
18
views
asked 2 months ago