VSCode Kubernetes 扩展：无法解析配置文件 .aws/config

Question

使用最新的 VSCode 和插件版本。

AWS Toolkit 工作正常。

kubectl get pods 在终端上运行良好。

Kubernetes 扩展显示集群名称，但在尝试打开节点或其他东西时出现此错误：

Unable to parse config file: /Users/yurib/.aws/config Unable to parse config file: /Users/yurib/.aws/config Unable to parse config file: /Users/yurib/.aws/config Unable to parse config file: /Users/yurib/.aws/config Unable to parse config file: /Users/yurib/.aws/config Unable to connect to the server: getting credentials: exec: executable aws failed with exit code 255

没有日志，什么都没有...

配置：

[okta]
# Okta Dev APP
#####################
aws_saml_url = home/amazon_aws/adfdglkdfgkldfgj/274


# Dev is the HUB account
#########################
[profile dev]
# Role to assume - each team will use it’s own role
role_arn = arn:aws:iam::xxxxxxxx:role/okta-admin-role
region = us-east-1
# source_profile = dev
session_ttl = 12h


#Spoke Accounts
###################

[profile development]
# Role to assume - each team will use it’s own role
role_arn = arn:aws:iam::xxxxxxxx:role/okta-admin-role
region = us-east-1
source_profile = dev
session_ttl = 12h

#Staging
##########

[profile staging]
source_profile = dev
role_arn = arn:aws:iam::xxxxxxxx:role/aws-okta-admin-role
region = us-east-1
assume_role_ttl = 1h

#GAS
##########

[profile gass]
source_profile = dev
role_arn = arn:aws:iam::xxxxxxxx:role/aws-okta-admin-role
region = us-east-1
assume_role_ttl = 1h


#CRISPR
###########

[profile cris]
source_profile = dev
role_arn = arn:aws:iam::xxxxxxxx:role/aws-okta-admin-role
region = eu-west-1
assume_role_ttl = 1h

凭证：

[dev]
aws_access_key_id     = XXXXXXXXX
aws_secret_access_key = XXXXXX
aws_session_token     = XXXXXXXXX
aws_security_token    = XXXXXXXXX

[gas]
aws_access_key_id     = XXXXXXXXX
aws_secret_access_key = XXXXXXXXX
aws_session_token     = XXXXXXXXX
aws_security_token    = XXXXXXXXX

[crispr]
aws_access_key_id     = XXXXXXXXX
aws_secret_access_key = XXXXXXXXX
aws_session_token     = XXXXXXXXX
aws_security_token    = XXXXXXXXX

集群位于 CRISPR 帐户上。

kubeconfig 没问题。

Answer 1

根据文档

配置应该是这样的：

[default]
aws_access_key_id = xxxxxxxxxxxxxxx
aws_secret_access_key = yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy

我在我的 Mac 上发现了之前损坏的配置：

# Amazon Web Services Config File used by AWS CLI, SDKs, and tools
# This file was created by the AWS Toolkit for JetBrains plugin.
#
# Your AWS credentials are represented by access keys associated with IAM users.
# For information about how to create and manage AWS access keys for a user, see:
# https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html
#
# This config file can store multiple access keys by placing each one in a
# named "profile". For information about how to change the access keys in a
# profile or to add a new profile with a different access key, see:
# https://docs.aws.amazon.com/cli/latest/userguide/cli-config-files.html
#
# If both a credential and config file exists, the values in the credential file
# take precedence

[default]
# The access key and secret key pair identify your account and grant access to AWS.
aws_access_key_id = [accessKey]
# Treat your secret key like a password. Never share your secret key with anyone. Do
# not post it in online forums, or store it in a source control system. If your secret
# key is ever disclosed, immediately use IAM to delete the access key and secret key
# and create a new key pair. Then, update this file with the replacement key details.
aws_secret_access_key = [secretKey]

# [profile user1]
aws_access_key_id = xxxxxxxxxxxxxxx
aws_secret_access_key = yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy

Answer 2

我重新排列了配置文件，它现在可以工作了。

工作 aws 配置：

[okta]
aws_saml_url = home/amazon_aws/yyYYhshdYndmd/313

[profile dev]
source_profile = dev
role_arn = arn:aws:iam::xxxxxxxxxxxx:role/okta-admin-role
region = us-east-1
session_ttl = 12h


[profile cris]
source_profile = dev
role_arn = arn:aws:iam::xxxxxxxxxxxx:role/aws-okta-admin-role
region = eu-west-1
assume_role_ttl = 1h


[profile staging]
source_profile = dev
role_arn = arn:aws:iam::xxxxxxxxxxxx:role/aws-okta-admin-role
region = us-east-1
assume_role_ttl = 1h


[profile rnla]
source_profile = dev
role_arn = arn:aws:iam::xxxxxxxxxxxx:role/aws-okta-admin-role
region = us-east-1
assume_role_ttl = 1h

Answer 3

就我而言，配置文件有重复条目。

Answer 4

当配置文件具有像您一样的

utf8

编码时，我看到了此错误。有时将编码更改为

ansi

可以解决此问题。

另一个解决方案是重命名/移动/删除存在此问题的配置文件，然后使用 aws cli 本身创建一个干净的版本，使用 aws configure set。只需在

aws configure set

后面加上部分名称（配置文件方括号中的位），将空格替换为点，然后是点和设置名称，后跟空格和设置值。

aws configure set okta.aws_saml_url home/amazon_aws/adfdglkdfgkldfgj/274

aws configure set profile.dev.role_arn arn:aws:iam::xxxxxxxx:role/okta-admin-role
aws configure set profile.dev.region us-east-1
aws configure set profile.dev.session_ttl 12h

aws configure set profile.development.role_arn arn:aws:iam::xxxxxxxx:role/okta-admin-role
aws configure set profile.development.region us-east-1
aws configure set profile.development.source_profile dev
aws configure set profile.development.session_ttl 12h

aws configure set profile.staging.source_profile dev
aws configure set profile.staging.role_arn arn:aws:iam::xxxxxxxx:role/aws-okta-admin-role
aws configure set profile.staging.region us-east-1
aws configure set profile.staging.assume_role_ttl 1h

aws configure set profile.gass.source_profile dev
aws configure set profile.gass.role_arn arn:aws:iam::xxxxxxxx:role/aws-okta-admin-role
aws configure set profile.gass.region us-east-1
aws configure set profile.gass.assume_role_ttl 1h

aws configure set profile.cris.source_profile dev
aws configure set profile.cris.role_arn arn:aws:iam::xxxxxxxx:role/aws-okta-admin-role
aws configure set profile.cris.region eu-west-1
aws configure set profile.cris.assume_role_ttl 1h

VSCode Kubernetes 扩展：无法解析配置文件 .aws/config

问题描述投票：0回答：4

4个回答

最新问题

VSCode Kubernetes 扩展：无法解析配置文件 .aws/config

问题描述 投票：0回答：4

4个回答

最新问题

问题描述投票：0回答：4