cloudlens icon indicating copy to clipboard operation
cloudlens copied to clipboard

Published 20 hours ago verified publisher icon one2nc

[Bug] Doesn't work with IAM roles

Open mbtamuli opened this issue 1 year ago • 5 comments

Context

I have a IAM user in account1 and to access resources in account2 I have set up access as described here - IAM tutorial: Delegate access across AWS accounts using IAM roles. I was unable to use cloudlens to access resources in account2, when the same shared configuration and credentials file(~/.aws/config and ~/.aws/credentials) works with AWS CLI.

Expected

cloudlens should deal with shared configuration and credentials similar to AWS CLI/AWS API

Actual

cloudlens is not able to work with profiles which assume roles.

Steps to reproduce

  1. Follow the guide - IAM tutorial: Delegate access across AWS accounts using IAM roles to setup the users/roles.
  2. Create the following configuration file - ~/.aws/config 
    # Credentials specified
[profile source]
region=us-east-1

# No credentials
[profile sandbox-dev]
region = us-east-1
role_arn = arn:aws:iam::123456789123:role/S3Admin
source_profile = source
  3. Create the following credentials file - ~/.aws/credentials 
    [source]
aws_access_key_id=accessKeyID
aws_secret_access_key=secretAccessKey

cloudlens doesn't even detect the sandbox-dev profile.

mbtamuli avatar Apr 16 '23 15:04 mbtamuli