Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

BUG | unhandled error when no role found #262

Open
juanmatias opened this issue Apr 19, 2024 · 0 comments · May be fixed by #288
Open

BUG | unhandled error when no role found #262

juanmatias opened this issue Apr 19, 2024 · 0 comments · May be fixed by #288
Assignees
@angelofenoglio
Labels
bug Something isn't working

Comments

@juanmatias
Copy link
Contributor

Describe the Bug

When running Leverage and setting roles, then deleting role and running Leverage again, instead of saying 'no role found' or something like this, it throws an unhandled error.

Expected Behavior

To have nice messages

Steps to Reproduce

Steps to reproduce the behavior:

  1. run leverage aws configure sso
  2. delete a role (or unlink an SSO group from an account)
  3. run leverage aws configure sso again
  4. See error

Screenshots

❯ leverage aws configure sso

[17:22:24.263] INFO     Configuring default profile.                                                                                    
[17:22:26.797] INFO     Configuring vp-sso profile.                                                                                     
[17:22:34.050] INFO     Fetching SSO code...                                                                                            
[17:22:36.310] INFO     Opening the browser... if it fails, open this link in your browser:                                             
                        https://device.sso.us-east-2.amazonaws.com/?user_code=QCSK-DWZV                                                 
[20:22:34]    INFO	Logging in...
Attempting to automatically open the SSO authorization page in your default browser.
If the browser does not open or you wish to use a different device to authorize this request, open the following URL:

https://device.sso.us-east-2.amazonaws.com/

Then enter the code:

QCSK-DWZV
Successfully logged into Start URL: https://vistapath.awsapps.com/start
[20:23:07]    INFO	Successfully logged in!

[17:23:08.203] INFO     Storing account information.                                                                                    
[17:23:08.208] INFO     Fetching accounts and roles...                                                                                  
[17:23:09.445] INFO     Adding profile vp-sso-management                                                                                
❯ ltp
[17:23:19.623] INFO     Attempting to get temporary credentials for apps-prd account.                                                   
Traceback (most recent call last):
  File "/home/jdelacamara/.local/share/virtualenvs/infrastructure-uZ6xKhk1/bin/leverage", line 8, in <module>
    sys.exit(leverage())
  File "/home/jdelacamara/.local/share/virtualenvs/infrastructure-uZ6xKhk1/lib/python3.10/site-packages/click/core.py", line 1137, in __call__
    return self.main(*args, **kwargs)
  File "/home/jdelacamara/.local/share/virtualenvs/infrastructure-uZ6xKhk1/lib/python3.10/site-packages/click/core.py", line 1062, in main
    rv = self.invoke(ctx)
  File "/home/jdelacamara/.local/share/virtualenvs/infrastructure-uZ6xKhk1/lib/python3.10/site-packages/click/core.py", line 1668, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/home/jdelacamara/.local/share/virtualenvs/infrastructure-uZ6xKhk1/lib/python3.10/site-packages/click/core.py", line 1668, in invoke
    return _process_result(sub_ctx.command.invoke(sub_ctx))
  File "/home/jdelacamara/.local/share/virtualenvs/infrastructure-uZ6xKhk1/lib/python3.10/site-packages/click/core.py", line 1404, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/home/jdelacamara/.local/share/virtualenvs/infrastructure-uZ6xKhk1/lib/python3.10/site-packages/click/core.py", line 763, in invoke
    return __callback(*args, **kwargs)
  File "/home/jdelacamara/.local/share/virtualenvs/infrastructure-uZ6xKhk1/lib/python3.10/site-packages/leverage/_internals.py", line 50, in new_command
    return command(ctx.obj.container, *args, **kwargs)
  File "/home/jdelacamara/.local/share/virtualenvs/infrastructure-uZ6xKhk1/lib/python3.10/site-packages/click/decorators.py", line 26, in new_func
    return f(get_current_context(), *args, **kwargs)
  File "/home/jdelacamara/.local/share/virtualenvs/infrastructure-uZ6xKhk1/lib/python3.10/site-packages/leverage/modules/terraform.py", line 104, in plan
    invoke_for_all_commands(layers, _plan, args)
  File "/home/jdelacamara/.local/share/virtualenvs/infrastructure-uZ6xKhk1/lib/python3.10/site-packages/leverage/_internals.py", line 50, in new_command
    return command(ctx.obj.container, *args, **kwargs)
  File "/home/jdelacamara/.local/share/virtualenvs/infrastructure-uZ6xKhk1/lib/python3.10/site-packages/leverage/modules/terraform.py", line 280, in invoke_for_all_commands
    command(args=args)
  File "/home/jdelacamara/.local/share/virtualenvs/infrastructure-uZ6xKhk1/lib/python3.10/site-packages/leverage/_internals.py", line 50, in new_command
    return command(ctx.obj.container, *args, **kwargs)
  File "/home/jdelacamara/.local/share/virtualenvs/infrastructure-uZ6xKhk1/lib/python3.10/site-packages/leverage/modules/terraform.py", line 348, in _plan
    exit_code = tf.start_in_layer("plan", *tf.tf_default_args, *args)
  File "/home/jdelacamara/.local/share/virtualenvs/infrastructure-uZ6xKhk1/lib/python3.10/site-packages/leverage/container.py", line 601, in start_in_layer
    return self.start(command, *arguments)
  File "/home/jdelacamara/.local/share/virtualenvs/infrastructure-uZ6xKhk1/lib/python3.10/site-packages/leverage/container.py", line 594, in start
    with AwsCredsEntryPoint(self, self.entrypoint):
  File "/home/jdelacamara/.local/share/virtualenvs/infrastructure-uZ6xKhk1/lib/python3.10/site-packages/leverage/_utils.py", line 96, in __init__
    auth_method = container.auth_method()
  File "/home/jdelacamara/.local/share/virtualenvs/infrastructure-uZ6xKhk1/lib/python3.10/site-packages/leverage/container.py", line 507, in auth_method
    refresh_layer_credentials(self)
  File "/home/jdelacamara/.local/share/virtualenvs/infrastructure-uZ6xKhk1/lib/python3.10/site-packages/leverage/modules/auth.py", line 120, in refresh_layer_credentials
    credentials = client.get_role_credentials(
  File "/home/jdelacamara/.local/share/virtualenvs/infrastructure-uZ6xKhk1/lib/python3.10/site-packages/botocore/client.py", line 553, in _api_call
    return self._make_api_call(operation_name, kwargs)
  File "/home/jdelacamara/.local/share/virtualenvs/infrastructure-uZ6xKhk1/lib/python3.10/site-packages/botocore/client.py", line 1009, in _make_api_call
    raise error_class(parsed_response, operation_name)
botocore.exceptions.ClientError: An error occurred (ForbiddenException) when calling the GetRoleCredentials operation: No access

Environment (please complete the following information):

Anything that will help us triage the bug will help. Here are some ideas:

  • OS: Linux
  • Version 6.6.26-1-MANJARO
  • Leverage 1.12.1
  • Toolbox binbash/leverage-toolbox:1.3.5-0.1.13
@juanmatias juanmatias added the bug Something isn't working label Apr 19, 2024
@angelofenoglio angelofenoglio linked a pull request Oct 17, 2024 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@angelofenoglio angelofenoglio

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Bugfix | Catch error for not found/forbidden role binbashar/leverage
2 participants
@juanmatias @angelofenoglio