Increase the default max buffer size for credential_process

[bondsbw]

AWS SSO produces session tokens that are larger than those produced by STS.

When supplied to .aws/config via credential_process, the SDK is unable to process the larger JSON object. It uses a maximum buffer size of 1024 bytes prior to commit 646ede7.

That commit increases the buffer size to 8KB. Please upgrade to SDK v1.25.42, or otherwise incorporate those changes to the maximum buffer size.

Thank you.

[bflad]

Hi @bondsbw 👋 Thank you for submitting this.

We'd like to understand a little more about this problem, including Terraform CLI and Terraform AWS Provider version information and preferably with the configurations and steps to reproduce the issue. The maintainers here are not experts on AWS SSO functionality. There are two things worth mentioning upfront though:

• The AWS Go SDK dependency defined in this repository only represents the minimum requirement for this library. Downstream projects (Terraform CLI for the Terraform S3 Backend and Terraform AWS Provider) include more recent versions of the AWS Go SDK to match their own requirements. The Terraform AWS Provider updates its dependency and releases very regularly, while the Terraform S3 Backend may be a little more laggard, but it was recently bumped to a recent version for supporting a new AWS region.
• We will expect any complexities in supporting AWS CLI v2's SSO to be handled upstream in the AWS Go SDK as necessary, e.g. Obtain credentials from cli/cache json file aws/aws-sdk-go#3186, rather than implementing support or workarounds in this library. We do not have resources to maintain this type of functionality at this time.

If you can provide the above requested information though, it can help us ensure we are properly resolving this if possible or punting on it. 😄

[gdavison]

Hi @bondsbw, is this still an issue? We're currently on the AWS SDK for Go v1.31.9, so we should have picked up the change you referenced above.