Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Missing documentation for Single Sign-On (SSO) credentials #920

Open
trevorstr opened this issue Oct 16, 2023 · 1 comment
Open

Missing documentation for Single Sign-On (SSO) credentials #920

trevorstr opened this issue Oct 16, 2023 · 1 comment
Labels
documentation This is a problem with documentation p2 This is a standard priority issue

Comments

@trevorstr
Copy link

Describe the issue

We are an AWS partner and require SSO to access AWS via Okta. I am writing a Rust application against AWS APIs, which needs to authenticate via SSO.

There is no documentation on how to use SSO with the Rust SDK.

Using the crate reference, I was able to hack something together that compiles, but panics at runtime.

The AWS CLI works fine with SSO, so I know the credentials work alright. I need to get the Rust SDK working though.

use aws_sdk_s3 as s3;

use s3::Client;

#[tokio::main]
async fn main() {
    let sso_region = aws_config::meta::region::RegionProviderChain::default_provider().or_else("us-east-1").region().await;
    let sso_creds = aws_config::sso::Builder::new();

    let prov_config = aws_config::
    let sso_prov = sso_creds
        .region(sso_region.unwrap())
        .role_name("AdministratorAccess")
        .start_url("https://zzzzzzzzzz.awsapps.com/start#")
        .account_id("zzzzzzzzz")
        .build();

    let target_region = aws_config::meta::region::RegionProviderChain::default_provider().or_else("us-west-2").region().await.unwrap();
    let config_aws = aws_config::ConfigLoader::default().credentials_provider(sso_prov).region(target_region).load().await;

    let s3_client = s3::Client::new(&config_aws);

    let bucket_list = s3_client.list_buckets().send().await;

    for bucket in bucket_list.unwrap().buckets.unwrap() {
        println!("{}", bucket.name.unwrap());
    }
}

The panic shows this error message, indicating that the Rust SDK is looking for a SSO cache file that doesn't even exist on the local filesystem:

ProviderError(ProviderError { source: IoError { err: Os { code: 2, kind: NotFound, message: "No such file or directory" }, path: "/Users/zzzzzzz/.aws/sso/cache/zzzzzzzzzz.json" } }), connection: Unknown } })', src/main.rs:23:31
note: run with RUST_BACKTRACE=1 environment variable to display a backtrace

How do I authenticate to AWS with SSO, using the Rust SDK?

Links

https://docs.aws.amazon.com/sdk-for-rust/latest/dg/credentials.html
@trevorstr trevorstr added documentation This is a problem with documentation needs-triage This issue or PR still needs to be triaged. labels Oct 16, 2023
@jdisanti
Copy link
Contributor

Unfortunately, what you're trying to do isn't implemented in the current release (see #703). I think it should land in a release fairly soon though, as it's just about ready to be merged (smithy-lang/smithy-rs#2917).

@Velfi Velfi added pending-release This issue will be fixed by an approved PR that hasn't been released yet. and removed needs-triage This issue or PR still needs to be triaged. labels Oct 19, 2023
@calavera calavera mentioned this issue Oct 30, 2023
Closed
@jmklix jmklix added p2 This is a standard priority issue and removed pending-release This issue will be fixed by an approved PR that hasn't been released yet. labels Feb 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
documentation This is a problem with documentation p2 This is a standard priority issue
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@jdisanti @Velfi @jmklix @trevorstr