-
Notifications
You must be signed in to change notification settings - Fork 4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(aws-cdk): fix profile use in non-'aws' partitions #1283
Conversation
@@ -389,6 +406,15 @@ async function hasEc2Credentials() { | |||
return instance; | |||
} | |||
|
|||
async function setConfigVariable() { | |||
const homeDir = process.env.HOME || process.env.USERPROFILE | |||
|| (process.env.HOMEPATH ? ((process.env.HOMEDRIVE || 'C:/') + process.env.HOMEPATH) : null) || os.homedir(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Wouldn't os.homedir()
just do all of this for you?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Don't know. This is exactly what the SDK code does, I don't want to risk us going out of sync because there's some environment variable effect somewhere that we haven't considered.
packages/aws-cdk/lib/api/util/sdk.ts
Outdated
// Since there is no way to pass a { region } argument to the STS client used for AssumeRole credentials | ||
// (https://github.com/aws/aws-sdk-js/issues/2377), we must now configure the region globally so that it will | ||
// be picked up there. | ||
// AWS.config.update({ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this not true anymore? I am confused...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, you're right. This wasn't sufficient. We MUST load the config, and we MUST set the env var to do so. Will remove.
|
Properly pass on the default region to the STS call we make to discover
the default AWS credentials.
Also, there is no way to make use of AssumeRole profiles without the
AWS_SDK_LOAD_CONFIG flag being set, so reintroduce setting that flag
if we discover the file to exist.
Fixes #1262 and fixes #1109.
Pull Request Checklist
Please check all boxes (including N/A items)
Testing
tests
manually executed (paste output to the PR description)
(currently maintained in a private repo).
Documentation
Title and description
fix(module): <title>
bug fix (patch)feat(module): <title>
feature/capability (minor)chore(module): <title>
won't appear in changelogbuild(module): <title>
won't appear in changelogBREAKING CHANGE: <describe exactly what changed and how to achieve similar behavior + link to documentation/gist/issue if more details are required>
Fixes #xxx
orCloses #xxx
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license.