Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to pull project using SSO #13730

Closed
2 tasks done
ellsssss opened this issue Apr 22, 2024 · 5 comments
Closed
2 tasks done

Unable to pull project using SSO #13730

ellsssss opened this issue Apr 22, 2024 · 5 comments
Labels
pending-triage Issue is pending triage platform-pull Issues related to `amplify pull`

Comments

@ellsssss
Copy link

How did you install the Amplify CLI?

npm

If applicable, what version of Node.js are you using?

21.5.0

Amplify CLI Version

12.11.1

What operating system are you using?

Mac

Did you make any manual changes to the cloud resources managed by Amplify? Please describe the changes made.

No

Describe the bug

Im trying to pull an existing project from amplify using the following command and choosing AWS profile for authentication method.
amplify pull --appId 123466foobar --envName dev

This is how I have setup my profiles according to https://docs.amplify.aws/javascript/start/getting-started/installation/#manually-configure-the-amplify-cli

[profile my-sso-profile]
sso_session = my-sso
sso_account_id = 123456789
sso_role_name = AdministratorAccess
region = us-east-2
output = json
credential_process = aws configure export-credentials --profile my-sso-profile

[sso-session my-sso]
sso_region = us-east-2
sso_start_url = https://mycompany.awsapps.com/start
sso_registration_scopes = sso:account:access

I get this error

 Select the authentication method you want to use: AWS profile

For more information on AWS Profiles, see:
https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-profiles.html

? Please choose the profile you want to use my-sso-profile
🛑 App 123466foobar not found.

Resolution: Check that the region of the Amplify App is matching the configured region.
Learn more at: https://docs.amplify.aws/cli/project/troubleshooting/

ProjectNotFoundError: App 123466foobar not found.
    at getAmplifyApp (/snapshot/amplify-cli/build/node_modules/@aws-amplify/amplify-provider-awscloudformation/lib/attach-backend.js:182:13)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async Object.run (/snapshot/amplify-cli/build/node_modules/@aws-amplify/amplify-provider-awscloudformation/lib/attach-backend.js:115:22)
    at async Object.attachBackend (/snapshot/amplify-cli/build/node_modules/@aws-amplify/amplify-provider-awscloudformation/lib/index.js:196:3)
    at async queryProvider (/snapshot/amplify-cli/build/node_modules/@aws-amplify/cli-internal/lib/attach-backend-steps/a10-queryProvider.js:36:5)
    at async attachBackend (/snapshot/amplify-cli/build/node_modules/@aws-amplify/cli-internal/lib/attach-backend.js:43:9)
    at async Object.run (/snapshot/amplify-cli/build/node_modules/@aws-amplify/cli-internal/lib/commands/pull.js:64:9)
    at async Object.executeAmplifyCommand (/snapshot/amplify-cli/build/node_modules/@aws-amplify/cli-internal/lib/index.js:194:9)
    at async executePluginModuleCommand (/snapshot/amplify-cli/build/node_modules/@aws-amplify/cli-internal/lib/execution-manager.js:139:5)
    at async executeCommand (/snapshot/amplify-cli/build/node_modules/@aws-amplify/cli-internal/lib/execution-manager.js:37:9)
    at async Object.run (/snapshot/amplify-cli/build/node_modules/@aws-amplify/cli-internal/lib/index.js:121:5)

App 123466foobar not found.
NotFoundException: App 123466foobar not found.
    at Object.extractError (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/protocol/json.js:80:27)
    at Request.extractError (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/protocol/rest_json.js:61:8)
    at Request.callListeners (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/sequential_executor.js:106:20)
    at Request.emit (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/request.js:686:14)
    at Request.transition (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /snapshot/amplify-cli/build/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/request.js:38:9)
    at Request.<anonymous> (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/request.js:688:12)
    at Request.callListeners (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/sequential_executor.js:116:18)
    at Request.emit (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/sequential_executor.js:78:10)
    at Request.emit (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/request.js:686:14)
    at Request.transition (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/request.js:22:10)
    at AcceptorStateMachine.runTo (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/state_machine.js:14:12)
    at /snapshot/amplify-cli/build/node_modules/aws-sdk/lib/state_machine.js:26:10
    at Request.<anonymous> (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/request.js:38:9)
    at Request.<anonymous> (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/request.js:688:12)
    at Request.callListeners (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/sequential_executor.js:116:18)
    at callNextListener (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/sequential_executor.js:96:12)
    at IncomingMessage.onEnd (/snapshot/amplify-cli/build/node_modules/aws-sdk/lib/event_listeners.js:417:13)
    at IncomingMessage.emit (node:events:525:35)
    at IncomingMessage.emit (node:domain:489:12)
    at endReadableNT (node:internal/streams/readable:1359:12)
    at process.processTicksAndRejections (node:internal/process/task_queues:82:21)

When I do aws amplify list-apps --region us-east-2 --profile my-sso-profile I can see the App/Project in there, so not really sure what is going on. Also using long-lived access/secret key works just fine.

Expected behavior

Be able to pull an Amplify project using AWS profile as authentication method

Reproduction steps

  1. Setup aws profile according to https://docs.amplify.aws/javascript/start/getting-started/installation/#manually-configure-the-amplify-cli
  2. Run amplify pull --appId 123466foobar --envName dev

Project Identifier

No response

Log output

# Put your logs below this line

Additional information

No response

Before submitting, please confirm:

  • I have done my best to include a minimal, self-contained set of instructions for consistently reproducing the issue.
  • I have removed any sensitive information from my code snippets and submission.
@ellsssss ellsssss added the pending-triage Issue is pending triage label Apr 22, 2024
@ykethan
Copy link
Member

ykethan commented Apr 24, 2024

Hey @ellsssss, thank you for reaching out. When running just amplify pull without the app-id and env-name in a new directory, then selecting the profile does the prompt Which app are you working on? provide a list with the expected Amplify project? on selecting the project from the list are you able to pull the backend env?

@ykethan ykethan added pending-response Issue is pending response from the issue author platform-pull Issues related to `amplify pull` labels Apr 24, 2024
@ellsssss
Copy link
Author

@ykethan Hello! Thanks for the response!

When i try just amplify-pull, I see projects from a different AWS account under our org (the error does makes sense because the appID i was pulling does not exist there), which is strange since I have set the correct account id on the profile settings for sso_account_id. Any idea why its looking up from a different account instead of whats set on the profile?

@github-actions github-actions bot removed the pending-response Issue is pending response from the issue author label Apr 24, 2024
@ykethan
Copy link
Member

ykethan commented Apr 24, 2024

@ellsssss could run cat ~/.aws/config and re-verify if the account id. are you pulling the environment into a empty folder? Could you check for any environment variables that may be causing this behavior?
could you try removing the old sso local config and recreate using aws configure sso and rerun the pull?

@ykethan ykethan added the pending-response Issue is pending response from the issue author label Apr 24, 2024
@ellsssss
Copy link
Author

@ellsssss could run cat ~/.aws/config and re-verify if the account id. are you pulling the environment into a empty folder? Could you check for any environment variables that may be causing this behavior? could you try removing the old sso local config and recreate using aws configure sso and rerun the pull?

Thanks, this works now. This is what I had to do:

  • Clear out my ~/.aws/credentials file (not sure if this affected anything)
  • Comment out all stuff within ~/.aws/config and redo the aws configure sso process.
  • Added a line credential_process = aws configure export-credentials --profile my-dev-sso for the profile my-dev-sso

Thanks for the help, I was able to pull the project.

@github-actions github-actions bot removed the pending-response Issue is pending response from the issue author label Apr 24, 2024
@github-actions GitHub Actions
Copy link

This issue is now closed. Comments on closed issues are hard for our team to see.
If you need more assistance, please open a new issue that references this one.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
pending-triage Issue is pending triage platform-pull Issues related to `amplify pull`
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ykethan @ellsssss