aws-sso-cli config-profiles crashes on duplicates account/profile names with multiple SSOs

Output of aws-sso version:

AWS SSO CLI Version 1.14.2 -- Copyright 2021-2023 Aaron Turner
792f11ec86a5ce6683ba2df7cb544e4f76f2431b (v1.14.2) built at 2023-10-20T04:29:15+0000

Describe the bug: When having multiple SSOs, the config-profiles command fails if there are Accounts and Roles with the same names in the different SSOs.

The following image should explain this very well:

It seems as it doesn't use the ProfileFormat that I configured starting with {{ .SSO }} to avoid such collision.

To Reproduce:

see above

Expected behavior: Adding Profiles in the Format "{{ .SSO }}:{{ FirstItem .AccountName (.AccountAlias | nospace) }}:{{ .RoleName }}" without collissions.

Desktop (please complete the following information):

OS: macOS
Version: Sonoma 14.1.2

Contents of ~/.aws-sso/config.yaml:

SSOConfig:
    xxx-org:
        SSORegion: eu-central-1
        StartUrl: https://xxx-org.awsapps.com/start
        AuthUrlAction: open
    xxx-engineering:
        SSORegion: eu-central-1
        StartUrl: https://xxx-engineering.awsapps.com/start
    xxx-build:
        SSORegion: eu-central-1
        StartUrl: https://xxx-build.awsapps.com/start
    xxx-cloud:
        SSORegion: eu-central-1
        StartUrl: https://xxx-cloud.awsapps.com/start
DefaultSSO: xxx-cloud
DefaultRegion: eu-central-1
ConsoleDuration: 720
CacheRefresh: 168
Threads: 5
MaxBackoff: 5
MaxRetry: 10
UrlAction: open
ConfigProfilesUrlAction: open
LogLevel: error
HistoryLimit: 10
HistoryMinutes: 1440
ProfileFormat: "{{ .SSO }}:{{ FirstItem .AccountName (.AccountAlias | nospace) }}:{{ .RoleName }}"
AccountPrimaryTag:
    - AccountName
    - AccountAlias
    - Email
PromptColors:
    descriptionbgcolor: Turquoise
    descriptiontextcolor: Black
    inputbgcolor: DefaultColor
    inputtextcolor: DefaultColor
    prefixbackgroundcolor: DefaultColor
    prefixtextcolor: Blue
    previewsuggestionbgcolor: DefaultColor
    previewsuggestiontextcolor: Green
    scrollbarbgcolor: Cyan
    scrollbarthumbcolor: LightGrey
    selecteddescriptionbgcolor: DarkGray
    selecteddescriptiontextcolor: White
    selectedsuggestionbgcolor: DarkGray
    selectedsuggestiontextcolor: White
    suggestionbgcolor: Cyan
    suggestiontextcolor: White
ListFields:
    - AccountIdPad
    - AccountAlias
    - RoleName
    - Profile
    - Expires
FullTextSearch: true

This might also be related to #696

Dec 19 '23 19:12 nlang

Yeah, it's related to #696. Fix is coming in v2 with the refactor.

Dec 19 '23 22:12 synfinatic

I know this is closed (fixed in tag v2.0.0-beta4) but I am still seeing it in:

AWS SSO CLI Version 2.0.0-beta4 -- Copyright 2021-2024 Aaron Turner
1031acd4a28533e7b662d2387579786c71f04ae4 (v2.0.0-beta4) built at 2024-09-30T02:15:15+0000

FATAL duplicate profile name '-Backup-Vault:AWSAdministratorAccess' for:
customer2: arn:aws:iam::257963854062:role/AWSAdministratorAccess
customer1: arn:aws:iam::761018879473:role/AWSAdministratorAccess

> grep -- -Backup-Vault:AWSAdministratorAccess ~/.aws/config
[profile customer1-Backup-Vault:AWSAdministratorAccess]
[profile customer2-Backup-Vault:AWSAdministratorAccess]

And:

> grep ProfileFormat ~/.config/aws-sso/config.yaml
ProfileFormat: "{{ FirstItem .SSO }}-{{ FirstItem .AccountName (.AccountAlias | nospace) }}:{{ .RoleName }}"

Same result, even if changed to this:

grep ProfileFormat ~/.config/aws-sso/config.yaml
ProfileFormat: "{{ .SSO }}-{{ FirstItem .AccountName (.AccountAlias | nospace) }}:{{ .RoleName }}"

Oct 21 '24 05:10 DaveQB

I've changed names in ~/.aws/config but same error. I checked aws-sso list and we have customer1-Backup-Vault:AWSAdministratorAccess and customer2-Backup-Vault:AWSAdministratorAccess. So I am guessing the duplicate is set in an internal DB somewhere that I need to rename?

Thanks.

Oct 21 '24 06:10 DaveQB