- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
Hi, thank you so much for taking the time. The permission set is more or less identical to the one on my laptop. here is the .aws/config
file on my laptop (sensitive info redacted):
[profile dev]
sso_session=my_session
sso_account_id=1234567890
sso_role_name=PowerUserAccess
region=us-east-1
output=json
[sso-session my_session]
sso_start_url=https://99999999.awsapps.com/start
sso_region=us-east-1
sso_registration_scopes=sso:account:access
From .aws.config
from my lightsail instance:
[profile pu]
sso_session = lightsail-node1
sso_account_id = 1234567890 //same as above
sso_role_name = PowerUserAccess
region = us-east-1
output = json
[sso-session lightsail-node1]
sso_start_url = https://99999999.awsapps.com/start#. // same as above
sso_region = us-east-1
sso_registration_scopes = sso:account:access
when I git clone on my laptop (the former profile), it works. The lightsail instance (latter one) gives the 403.
Hello.
Since it is a 403 error, I believe that the SSO user may not have sufficient privileges.
What permission set does the SSO user have?
There is probably a history of GitPull execution in CloudTrail's API history, so you may be able to check the details from there.
https://docs.aws.amazon.com/awscloudtrail/latest/userguide/view-cloudtrail-events.html
Does the command specify the profile and repository name as below?
https://github.com/aws/git-remote-codecommit
git clone codecommit::ap-northeast-1://profilename@repositoryname
Contenuto pertinente
- AWS UFFICIALEAggiornata 3 anni fa
- AWS UFFICIALEAggiornata 3 anni fa
- AWS UFFICIALEAggiornata un anno fa
- AWS UFFICIALEAggiornata un anno fa
the logs aren't particularly helpful, although I do see "mfaAuthenticated":"false" in there. Not sure if this is relevant, or how I would mfa authenticate my lightsail bitnami SSH session . . .
Naomi