awslogs icon indicating copy to clipboard operation
awslogs copied to clipboard

Published 20 hours ago verified publisher icon jorgebastida

RefreshWithMFAUnsupportedError: Cannot refresh credentials: MFA token required.

Open jmtapio opened this issue 5 years ago • 0 comments

Awslogs may crash if MFA credentials expire while it is getting a large log stream.

Trace:

Version:       0.12.0
Python:        3.7.3 (default, Mar 27 2019, 09:23:32)
[Clang 9.0.0 (clang-900.0.39.2)]
boto3 version: 1.10.45
Platform:      Darwin-16.7.0-x86_64-i386-64bit
Args:          ['/usr/local/bin/awslogs', 'get', '<censored>', '<censored>', '-s', '52 weeks ago']
Config: {'aws_access_key_id': 'SENSITIVE',
 'aws_profile': 'SENSITIVE',
 'aws_region': None,
 'aws_secret_access_key': 'SENSITIVE',
 'aws_session_token': 'SENSITIVE',
 'color': 'auto',
 'end': None,
 'filter_pattern': None,
 'func': 'list_logs',
 'log_group_name': '<censored>',
 'log_stream_name': '<censored>',
 'output_group_enabled': True,
 'output_ingestion_time_enabled': False,
 'output_stream_enabled': True,
 'output_timestamp_enabled': False,
 'query': None,
 'start': '52 weeks ago',
 'watch': False,
 'watch_interval': 1}

Traceback (most recent call last):
  File "/usr/local/lib/python3.7/site-packages/awslogs-0.12.0-py3.7.egg/awslogs/bin.py", line 178, in main
    getattr(logs, options.func)()
  File "/usr/local/lib/python3.7/site-packages/awslogs-0.12.0-py3.7.egg/awslogs/core.py", line 223, in list_logs
    consumer()
  File "/usr/local/lib/python3.7/site-packages/awslogs-0.12.0-py3.7.egg/awslogs/core.py", line 164, in consumer
    for event in generator():
  File "/usr/local/lib/python3.7/site-packages/awslogs-0.12.0-py3.7.egg/awslogs/core.py", line 151, in generator
    response = self.client.filter_log_events(**kwargs)
  File "/usr/local/lib/python3.7/site-packages/botocore-1.13.45-py3.7.egg/botocore/client.py", line 276, in _api_call
    return self._make_api_call(operation_name, kwargs)
  File "/usr/local/lib/python3.7/site-packages/botocore-1.13.45-py3.7.egg/botocore/client.py", line 573, in _make_api_call
    operation_model, request_dict, request_context)
  File "/usr/local/lib/python3.7/site-packages/botocore-1.13.45-py3.7.egg/botocore/client.py", line 592, in _make_request
    return self._endpoint.make_request(operation_model, request_dict)
  File "/usr/local/lib/python3.7/site-packages/botocore-1.13.45-py3.7.egg/botocore/endpoint.py", line 102, in make_request
    return self._send_request(request_dict, operation_model)
  File "/usr/local/lib/python3.7/site-packages/botocore-1.13.45-py3.7.egg/botocore/endpoint.py", line 132, in _send_request
    request = self.create_request(request_dict, operation_model)
  File "/usr/local/lib/python3.7/site-packages/botocore-1.13.45-py3.7.egg/botocore/endpoint.py", line 116, in create_request
    operation_name=operation_model.name)
  File "/usr/local/lib/python3.7/site-packages/botocore-1.13.45-py3.7.egg/botocore/hooks.py", line 356, in emit
    return self._emitter.emit(aliased_event_name, **kwargs)
  File "/usr/local/lib/python3.7/site-packages/botocore-1.13.45-py3.7.egg/botocore/hooks.py", line 228, in emit
    return self._emit(event_name, kwargs)
  File "/usr/local/lib/python3.7/site-packages/botocore-1.13.45-py3.7.egg/botocore/hooks.py", line 211, in _emit
    response = handler(**kwargs)
  File "/usr/local/lib/python3.7/site-packages/botocore-1.13.45-py3.7.egg/botocore/signers.py", line 90, in handler
    return self.sign(operation_name, request)
  File "/usr/local/lib/python3.7/site-packages/botocore-1.13.45-py3.7.egg/botocore/signers.py", line 152, in sign
    auth = self.get_auth_instance(**kwargs)
  File "/usr/local/lib/python3.7/site-packages/botocore-1.13.45-py3.7.egg/botocore/signers.py", line 232, in get_auth_instance
    frozen_credentials = self._credentials.get_frozen_credentials()
  File "/usr/local/lib/python3.7/site-packages/botocore-1.13.45-py3.7.egg/botocore/credentials.py", line 591, in get_frozen_credentials
    self._refresh()
  File "/usr/local/lib/python3.7/site-packages/botocore-1.13.45-py3.7.egg/botocore/credentials.py", line 486, in _refresh
    self._protected_refresh(is_mandatory=is_mandatory_refresh)
  File "/usr/local/lib/python3.7/site-packages/botocore-1.13.45-py3.7.egg/botocore/credentials.py", line 502, in _protected_refresh
    metadata = self._refresh_using()
  File "/usr/local/lib/python3.7/site-packages/botocore-1.13.45-py3.7.egg/botocore/credentials.py", line 248, in __call__
    raise RefreshWithMFAUnsupportedError()
botocore.exceptions.RefreshWithMFAUnsupportedError: Cannot refresh credentials: MFA token required.

jmtapio avatar Dec 31 '19 18:12 jmtapio