使用最新的 VSCode 和插件版本。
AWS Toolkit 工作正常。
kubectl get pods 在终端上运行良好。
Kubernetes 扩展显示集群名称,但在尝试打开节点或其他东西时出现此错误:
Unable to parse config file: /Users/yurib/.aws/config Unable to parse config file: /Users/yurib/.aws/config Unable to parse config file: /Users/yurib/.aws/config Unable to parse config file: /Users/yurib/.aws/config Unable to parse config file: /Users/yurib/.aws/config Unable to connect to the server: getting credentials: exec: executable aws failed with exit code 255
没有日志,什么都没有...
配置:
[okta]
# Okta Dev APP
#####################
aws_saml_url = home/amazon_aws/adfdglkdfgkldfgj/274
# Dev is the HUB account
#########################
[profile dev]
# Role to assume - each team will use it’s own role
role_arn = arn:aws:iam::xxxxxxxx:role/okta-admin-role
region = us-east-1
# source_profile = dev
session_ttl = 12h
#Spoke Accounts
###################
[profile development]
# Role to assume - each team will use it’s own role
role_arn = arn:aws:iam::xxxxxxxx:role/okta-admin-role
region = us-east-1
source_profile = dev
session_ttl = 12h
#Staging
##########
[profile staging]
source_profile = dev
role_arn = arn:aws:iam::xxxxxxxx:role/aws-okta-admin-role
region = us-east-1
assume_role_ttl = 1h
#GAS
##########
[profile gass]
source_profile = dev
role_arn = arn:aws:iam::xxxxxxxx:role/aws-okta-admin-role
region = us-east-1
assume_role_ttl = 1h
#CRISPR
###########
[profile cris]
source_profile = dev
role_arn = arn:aws:iam::xxxxxxxx:role/aws-okta-admin-role
region = eu-west-1
assume_role_ttl = 1h
凭证:
[dev]
aws_access_key_id = XXXXXXXXX
aws_secret_access_key = XXXXXX
aws_session_token = XXXXXXXXX
aws_security_token = XXXXXXXXX
[gas]
aws_access_key_id = XXXXXXXXX
aws_secret_access_key = XXXXXXXXX
aws_session_token = XXXXXXXXX
aws_security_token = XXXXXXXXX
[crispr]
aws_access_key_id = XXXXXXXXX
aws_secret_access_key = XXXXXXXXX
aws_session_token = XXXXXXXXX
aws_security_token = XXXXXXXXX
集群位于 CRISPR 帐户上。
kubeconfig 没问题。
根据文档
配置应该是这样的:
[default]
aws_access_key_id = xxxxxxxxxxxxxxx
aws_secret_access_key = yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
我在我的 Mac 上发现了之前损坏的配置:
# Amazon Web Services Config File used by AWS CLI, SDKs, and tools
# This file was created by the AWS Toolkit for JetBrains plugin.
#
# Your AWS credentials are represented by access keys associated with IAM users.
# For information about how to create and manage AWS access keys for a user, see:
# https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html
#
# This config file can store multiple access keys by placing each one in a
# named "profile". For information about how to change the access keys in a
# profile or to add a new profile with a different access key, see:
# https://docs.aws.amazon.com/cli/latest/userguide/cli-config-files.html
#
# If both a credential and config file exists, the values in the credential file
# take precedence
[default]
# The access key and secret key pair identify your account and grant access to AWS.
aws_access_key_id = [accessKey]
# Treat your secret key like a password. Never share your secret key with anyone. Do
# not post it in online forums, or store it in a source control system. If your secret
# key is ever disclosed, immediately use IAM to delete the access key and secret key
# and create a new key pair. Then, update this file with the replacement key details.
aws_secret_access_key = [secretKey]
# [profile user1]
aws_access_key_id = xxxxxxxxxxxxxxx
aws_secret_access_key = yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
我重新排列了配置文件,它现在可以工作了。
工作 aws 配置:
[okta]
aws_saml_url = home/amazon_aws/yyYYhshdYndmd/313
[profile dev]
source_profile = dev
role_arn = arn:aws:iam::xxxxxxxxxxxx:role/okta-admin-role
region = us-east-1
session_ttl = 12h
[profile cris]
source_profile = dev
role_arn = arn:aws:iam::xxxxxxxxxxxx:role/aws-okta-admin-role
region = eu-west-1
assume_role_ttl = 1h
[profile staging]
source_profile = dev
role_arn = arn:aws:iam::xxxxxxxxxxxx:role/aws-okta-admin-role
region = us-east-1
assume_role_ttl = 1h
[profile rnla]
source_profile = dev
role_arn = arn:aws:iam::xxxxxxxxxxxx:role/aws-okta-admin-role
region = us-east-1
assume_role_ttl = 1h
就我而言,配置文件有重复条目。
当配置文件具有像您一样的
utf8
编码时,我看到了此错误。有时将编码更改为 ansi
可以解决此问题。
另一个解决方案是重命名/移动/删除存在此问题的配置文件,然后使用 aws cli 本身创建一个干净的版本,使用 aws configure set。只需在
aws configure set
后面加上部分名称(配置文件方括号中的位),将空格替换为点,然后是点和设置名称,后跟空格和设置值。
aws configure set okta.aws_saml_url home/amazon_aws/adfdglkdfgkldfgj/274
aws configure set profile.dev.role_arn arn:aws:iam::xxxxxxxx:role/okta-admin-role
aws configure set profile.dev.region us-east-1
aws configure set profile.dev.session_ttl 12h
aws configure set profile.development.role_arn arn:aws:iam::xxxxxxxx:role/okta-admin-role
aws configure set profile.development.region us-east-1
aws configure set profile.development.source_profile dev
aws configure set profile.development.session_ttl 12h
aws configure set profile.staging.source_profile dev
aws configure set profile.staging.role_arn arn:aws:iam::xxxxxxxx:role/aws-okta-admin-role
aws configure set profile.staging.region us-east-1
aws configure set profile.staging.assume_role_ttl 1h
aws configure set profile.gass.source_profile dev
aws configure set profile.gass.role_arn arn:aws:iam::xxxxxxxx:role/aws-okta-admin-role
aws configure set profile.gass.region us-east-1
aws configure set profile.gass.assume_role_ttl 1h
aws configure set profile.cris.source_profile dev
aws configure set profile.cris.role_arn arn:aws:iam::xxxxxxxx:role/aws-okta-admin-role
aws configure set profile.cris.region eu-west-1
aws configure set profile.cris.assume_role_ttl 1h