Amplify cli incompatible with aws cli sso credentials

[martinbiard]

Is your feature request related to a problem? Please describe.

The aws cli's aws configure sso and/or aws sso login is extremely convenient to work with. However, it saves credentials in a different way inside the ~/.aws configuration directory. In particular, it does not create the file credentials but rather uses other files in the ~/.aws/sso subdirectory. The amplify cli currently always expects this file to exist, hence fails with an error when giving it the profile to use.

Describe the solution you'd like

I would like for amplify to correctly recognize and work with a profile configured through sso functionality.

Describe alternatives you've considered

Until this is fixed, our solution is as follows:

• go to our aws organization's portal page and login
• select the account to assume the role in
• click command line or programmatic access
• copy option # 2
• paste it correctly in ~/.aws/credentials
• run amplify init

Additional context

$ aws configure sso
SSO start URL [None]: https://REDACTED.awsapps.com/start
SSO Region [None]: us-east-1
Attempting to automatically open the SSO authorization page in your default browser.
If the browser does not open or you wish to use a different device to authorize this request, open the following URL:

https://device.sso.us-east-1.amazonaws.com/

Then enter the code:

REDACTED
There are 3 AWS accounts available to you.
Using the account ID REDACTED
There are 2 roles available to you.
Using the role name "DeveloperAccess"
CLI default client Region [None]: us-east-1
CLI default output format [None]: yaml
CLI profile name [DeveloperAccess-REDACTED]:

$ amplify init
Scanning for plugins...
Plugin scan successful
Note: It is recommended to run this command from the root of your app directory
? Enter a name for the environment dev
? Choose your default editor: IntelliJ IDEA
Using default provider  awscloudformation

For more information on AWS Profiles, see:
https://docs.aws.amazon.com/cli/latest/userguide/cli-multiple-profiles.html

? Do you want to use an AWS profile? Yes
? Please choose the profile you want to use DeveloperAccess-REDACTED
init failed
Error: connect ENETUNREACH REDACTED:80
    at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1141:16) {
  message: 'Missing credentials in config, if using AWS_CONFIG_FILE, set AWS_SDK_LOAD_CONFIG=1',
  errno: 'ENETUNREACH',
  code: 'CredentialsError',
  syscall: 'connect',
  address: 'REDACTED',
  port: 80,
  time: 2020-08-12T02:29:36.728Z,
  originalError: {
    message: 'Could not load credentials from any providers',
    errno: 'ENETUNREACH',
    code: 'CredentialsError',
    syscall: 'connect',
    address: 'REDACTED',
    port: 80,
    time: 2020-08-12T02:29:36.728Z,
    originalError: {
      message: 'EC2 Metadata roleName request returned error',
      errno: 'ENETUNREACH',
      code: 'ENETUNREACH',
      syscall: 'connect',
      address: 'REDACTED',
      port: 80,
      time: 2020-08-12T02:29:36.728Z,
      originalError: [Object]
    }
  }
}

[SwaySway]

Closing this as a duplicate #4488 to increase visibility

[github-actions]

This issue has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs.

Looking for a help forum? We recommend joining the Amplify Community Discord server *-help channels for those types of questions.