mkit cant find AWS Credentials about mkit HOT 6 CLOSED

I saw this:
Is there a need to tell mkit to use ~/.aws/credentials ....setting the ENV variables breaks my cluster access
USING THE CHEF INSPEC TARGET OPTION TO PROVIDE CREDENTIALS ON AWS
Look for a file in your home directory named ~/.aws/credentials. If it does not exist, create it. Choose a name for your profile; here, we’re using the name ‘auditing’. Add your credentials as a new profile, in INI format:

[auditing]
aws_access_key_id = AKIA....
aws_secret_access_key = 1234....abcd
You may now run Chef InSpec using the --target / -t option, using the format -t aws://region/profile. For example, to connect to the Ohio region using a profile named ‘auditing’, use -t aws://us-east-2/auditing.

To verify your credentials, run

you$ inspec detect -t aws://

== Platform Details
Name: aws
Families: cloud, api
Release: aws-sdk-v2.10.125

from mkit.

If I'm understanding things correctly, your ~/.aws/credentials is being written into with a custom profile name (not default), so inside the container, it needs to know to use that profile instead. Try adding -e AWS_PROFILE=auditing (or whatever the SAML provided profile name is in your credentials file) to line 54 of the Makefile. It may help to run make shell-eks to get a shell inside the container with all the AWS envs and mounts in place so you can manually issue aws commands and validate auth came through.

from mkit.

It actually the profile is default in credentials:

[default]
output = json
region = us-west-2
aws_access_key_id = xxxxxxxxxxxxxxx
aws_secret_access_key = xxxxxxxxxxxxxxxxx

from mkit.

I just made a minor change to the mount path in the Makefile. Can you try it now?

If that doesn't work, can you test with something like AWS_REGION=us-west-2 AWS_ACCESS_KEY_ID=ASIAxxx AWS_SECRET_ACCESS_KEY=XXXyz make run-eks awsregion=us-east-1 clustername=eks1

from mkit.

That did the trick. Thanks!

from mkit.

Awesome! 👍

from mkit.