aws-toolkit-jetbrains icon indicating copy to clipboard operation
aws-toolkit-jetbrains copied to clipboard

Published 20 hours ago verified publisher icon aws

AWS Toolkit can't connect to ECS; error with Task Role suggestion

Open socketbox opened this issue 2 years ago • 5 comments

Your Environment

  • OS: Linux (kernel: 5.19.0-40-generic)
  • JetBrains product: PyCharm
  • JetBrains product version: 2023.1.1 (Professional Edition; Build #PY-231.8770.66; Runtime version: 17.0.6+10-b829.9 amd64)
  • AWS Toolkit version: 1.67-231
  • SAM CLI version: 1.60.0
  • JVM/Python version: VM: OpenJDK 64-Bit Server VM by JetBrains s.r.o.)

Question

I can no longer connect to ECS containers using AWS Toolkit in PyCharm. In VSCode, it works without a hitch. From the command-line using aws ecs execute-command, it works perfectly.

But in PyCharm, all I get is this: image Which is not very helpful, given that I can connect directly using two other methods. The issue at hand has nothing to do with levels of permission.

In ~/.aws/config I've got a [default] profile, along with others:

[default]
region = us-east-1
output = json
mfa_serial = arn:aws:iam::<somenumericid>:mfa/socketbox

[profile foo]
role_arn = arn:aws:iam::<adifferentnumber>:role/foo-role
source_profile = default
region = us-west-1
...

In ~/.aws/credentials:

[default_original]                                               
aws_access_key_id     = <SOMEKEY>                     
aws_secret_access_key = <aN0th3rKeY> 
                                                                 
[foo]                                                      
role_arn       = arn:aws:iam::<adifferentnumber>:role/foo-role
source_profile = default                                         
...

socketbox avatar May 02 '23 21:05 socketbox

Just to confirm, this is on the Run Command... and Open Interactive Shell... actions?

rli avatar May 03 '23 00:05 rli

@rli Thanks for responding.

Just to confirm, this is on the Run Command... and Open Interactive Shell... actions?

Yes, that's correct. Something that might prove helpful: the plugin seems to recognize the fact that Command Execution is enabled, as Disable Command Execution is a command that's available to me on the context menu that is titled, Containers.

socketbox avatar May 03 '23 20:05 socketbox

Recently updated the plugin and IDE. I can confirm this is still an issue. Related/duplicate: https://github.com/aws/aws-toolkit-jetbrains/issues/3750

AWS Toolkit: 1.78-232
PyCharm 2023.2.1 (Professional Edition)
Build #PY-232.9559.58, built on August 22, 2023
JRE 17.0.8+7-b1000.8x64 JetBrains s.r.o., 
OS Linux(amd64) v6.2.0-26-generic

One thing I don't recall happening previously: I'm now prompted, within the panel/frame of the AWS Toolkit, to enter MFA credentials, but before I can mouse over and click the linked text, it disappears, as if satisfied that I'm authenticated. And, in fact, I do use an internally developed tool to send OTP codes to AWS and create a temporary profile; I do this first thing in the morning usually.

EDIT: one more thing. After restarting the IDE, in the bottom of the frame, I see "MFA needed" (or something similar, I can't recall the exact wording). If I click on that, it then changes to this: image

socketbox avatar Sep 11 '23 19:09 socketbox

Still an issue with 2.10-233.

image

socketbox avatar Mar 06 '24 22:03 socketbox

I can confirm that the issue persists on 3.13-241

Additional info: I can see our clusters, tasks and containers in the Explorer view. When I open the "Open Interactive Shell..." dialog, it offers our tasks in the drop-down and /bin/bash under "Shell", but when I click Execute, I receive the error seen in this bug report.

CaptainDeniz avatar Jun 26 '24 09:06 CaptainDeniz