Skip to content
This repository has been archived by the owner on Nov 2, 2022. It is now read-only.

An error occurred (ValidationError) when calling the AssumeRoleWithSAML operation: The requested DurationSeconds exceeds the MaxSessionDuration set for this role. #49

Open
tsukinosuke opened this issue Jan 22, 2021 · 1 comment
Open

An error occurred (ValidationError) when calling the AssumeRoleWithSAML operation: The requested DurationSeconds exceeds the MaxSessionDuration set for this role. #49

tsukinosuke opened this issue Jan 22, 2021 · 1 comment

Comments

@tsukinosuke
Copy link

I am getting below error when i run the command
................................

aws-jumpcloud exec rlb-int -- aws s3 ls

Using JumpCloud login details from your OS keychain.

Enter your JumpCloud multi-factor auth code: 317432

Attempting SSO authentication to Amazon Web Services...

Traceback (most recent call last):
File "/usr/local/bin/aws-jumpcloud", line 33, in
sys.exit(load_entry_point('aws-jumpcloud==2.1.7', 'console_scripts', 'aws-jumpcloud')())
File "/usr/local/Cellar/aws-jumpcloud/2.1.7/libexec/lib/python3.9/site-packages/aws_jumpcloud/cli.py", line 18, in main
args.func(args)
File "/usr/local/Cellar/aws-jumpcloud/2.1.7/libexec/lib/python3.9/site-packages/aws_jumpcloud/commands.py", line 99, in exec_command
session = _get_aws_session(args.profile)
File "/usr/local/Cellar/aws-jumpcloud/2.1.7/libexec/lib/python3.9/site-packages/aws_jumpcloud/commands.py", line 191, in _get_aws_session
_login_to_aws(keyring, profile)
File "/usr/local/Cellar/aws-jumpcloud/2.1.7/libexec/lib/python3.9/site-packages/aws_jumpcloud/commands.py", line 315, in _login_to_aws
session = assume_role_with_saml(role, saml_assertion)
File "/usr/local/Cellar/aws-jumpcloud/2.1.7/libexec/lib/python3.9/site-packages/aws_jumpcloud/aws.py", line 69, in assume_role_with_saml
sts_resp = client.assume_role_with_saml(
File "/usr/local/Cellar/aws-jumpcloud/2.1.7/libexec/lib/python3.9/site-packages/botocore/client.py", line 357, in _api_call
return self._make_api_call(operation_name, kwargs)
File "/usr/local/Cellar/aws-jumpcloud/2.1.7/libexec/lib/python3.9/site-packages/botocore/client.py", line 676, in _make_api_call
raise error_class(parsed_response, operation_name)
botocore.exceptions.ClientError: An error occurred (ValidationError) when calling the AssumeRoleWithSAML operation: The requested DurationSeconds exceeds the MaxSessionDuration set for this role.
@ocschwar
Copy link

ocschwar commented May 4, 2021

You need to find the role you're trying to use, and set the MaxSessionDuration to be longer than 6 hours.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ocschwar @tsukinosuke