Forum Discussion
Bug - CLI - AWS Plugin MFA Failing
Hi there,
I seem to be experiencing an issue with the CLI and AWS plugin where I select my credentials and try to run an aws command and I get the following error:
[ERROR] 2023/07/26 22:11:39 could not run plugin AWS CLI: failed to provision credentials, encountered error(s):
source profile "default" does not exist in your AWS config file
I tried to do some debugging so I ran the command in debug mode and without cache:
1) Debug Mode
op plugin run --debug -- aws ls s3
Output
10:05PM | DEBUG | Session delegation enabled
10:05PM | DEBUG | NM request: NmRequestAccounts
10:05PM | DEBUG | NM response: Success
10:05PM | DEBUG | NM request: NmRequestAccounts
10:05PM | DEBUG | NM response: Success
10:06PM | DEBUG | InitDefaultCache: successfully initialized cache
10:06PM | DEBUG | EncryptedKeysets: Cache hit on keyset
10:06PM | DEBUG | Vault: cache hit on vault XXXXXXXXXX
10:06PM | DEBUG | VaultItems: cache hit on vault items of vault XXXXXXXXXX
10:06PM | DEBUG | Item: VaultItems cache hit for vault XXXXXXXXXX - validating staleness using item version
10:06PM | DEBUG | Item: cache hit on item YYYYYYYYYY of vault XXXXXXXXXX
[ERROR] 2023/07/26 22:06:01 could not run plugin AWS CLI: failed to provision credentials, encountered error(s):
source profile "default" does not exist in your AWS config file
2) No Cache
op plugin run --debug --cache=false -- aws ls s3
Output
10:06PM | DEBUG | Session delegation enabled
10:06PM | DEBUG | NM request: NmRequestAccounts
10:06PM | DEBUG | NM response: Success
10:06PM | DEBUG | NM request: NmRequestAccounts
10:06PM | DEBUG | NM response: Success
[ERROR] 2023/07/26 22:06:40 could not run plugin AWS CLI: failed to provision credentials, encountered error(s):
source profile "default" does not exist in your AWS config file
This seems to be a recent issue as it was working with my credentials before. I have looked at similar issues on the forum but none seem to have points on how to resolve it. A few extra troubleshooting points:
- I did have a YubiKey attached but I've removed that to ensure it's not the problem.
- I generated a new client access key and secret to ensure it's not that as a problem.
- I've verified that the MFA serial entry is correct in the 1Password credential.
- I have specified the default region in the 1Password credential.
- I've removed the ~/.aws/credentials file as per the instructions on setting up the 1Password CLI plugin.
- I am able to login with the MFA code, it's how I login to AWS through the console frontend.
- My CLI is version 2.19.0 and I use ZSH
Any assistance here would be much appreciated!
1Password Version: 8.10.9
Extension Version: 2.13.0
OS Version: Fedora 38
Browser: Brave