Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

okta-cli does not work, seems 'role' is missing in 'Please select the AWS role' #195

Open
jirib opened this issue Jun 2, 2022 · 1 comment
Open

okta-cli does not work, seems 'role' is missing in 'Please select the AWS role' #195

jirib opened this issue Jun 2, 2022 · 1 comment

Comments

@jirib
Copy link

jirib commented Jun 2, 2022

Describe the bug

okta-cli does not work, seems 'role' is missing in 'Please select the AWS role'.

To Reproduce

$ cat ~/.okta-aws
[689539849730_AWSAdministratorAccess]
username = jirib@example.com
app-link = https://example.okta.com/home/amazon_aws_sso/0oa7iqa96irc5I3ok357/aln1ghfn5xxV7ZPbE1d8
base-url = example.okta.com
duration = 3600

$ cat ~/.aws/config 
[689539849730_AWSAdministratorAccess]
region = eu-central-1
output = json

Expected behavior

I expect to see able able to use awscli via okta-awscli.

Output

$ okta-awscli --debug -v --okta-profile 689539849730_AWSAdministratorAccess --profile 689539849730_AWSAdministratorAccess
INFO - No existing credentials found. Requesting new credentials.
INFO - App Link set as: https://example.okta.com/home/amazon_aws_sso/0oa7iqa96irc5I3ok357/aln1ghfn5xxV7ZPbE1d8
INFO - Authenticating to: example.okta.com
INFO - Authenticating as: jirib@example.com
Enter password: 
ERROR - Unsupported factorType: webauthn
DEBUG - {'id': 'uftcgbjcm9OfBZllr357', 'factorType': 'token:software:totp', 'provider': 'GOOGLE', 'vendorName': 'GOOGLE', 'profile': {'credentialId': 'jirib@example.com'}, '_links': {'verify': {'href': 'https://example.okta.com/api/v1/authn/factors/uftcgbjcm9OfBZllr357/verify', 'hints': {'allow': ['POST']}}}}
Enter MFA verification code: 461294
INFO - Please choose a role.
Please select the AWS role: 
Traceback (most recent call last):
  File "/home/jiri/.local/bin/okta-awscli", line 8, in <module>
    sys.exit(main())
  File "/home/jiri/.local/lib/python3.8/site-packages/click/core.py", line 1130, in __call__
    return self.main(*args, **kwargs)
  File "/home/jiri/.local/lib/python3.8/site-packages/click/core.py", line 1055, in main
    rv = self.invoke(ctx)
  File "/home/jiri/.local/lib/python3.8/site-packages/click/core.py", line 1404, in invoke
    return ctx.invoke(self.callback, **ctx.params)
  File "/home/jiri/.local/lib/python3.8/site-packages/click/core.py", line 760, in invoke
    return __callback(*args, **kwargs)
  File "/home/jiri/.local/lib/python3.8/site-packages/oktaawscli/okta_awscli.py", line 141, in main
    get_credentials(
  File "/home/jiri/.local/lib/python3.8/site-packages/oktaawscli/okta_awscli.py", line 37, in get_credentials
    role = aws_auth.choose_aws_role(assertion, refresh_role)
  File "/home/jiri/.local/lib/python3.8/site-packages/oktaawscli/aws_auth.py", line 77, in choose_aws_role
    role_choice = int(input('Please select the AWS role: ')) - 1
ValueError: invalid literal for int() with base 10: ''

Environment (please complete the following information):

  • OS: OpenSUSE TW - (rolling distro, max one week old updates)
  • Version: 0.5.4
@phodamentals
Copy link

phodamentals commented Jul 15, 2022
edited

I'm able to reproduce this as well:

role_choice = int(input('Please select the AWS role: ')) - 1
ValueError: invalid literal for int() with base 10: ''

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jirib @phodamentals