Hi I'm new to sst and I'm just trying out an examp...
# helpw
Warwick Grigg
05/04/2021, 2:00 PMHi I'm new to sst and I'm just trying out an example for the first time in conjunction with aws-vault, but getting this error:
25705 PM | CREATE_FAILED | AWS:IAM:Role | FilePublishingRole The security token included in the request is invalid (Service: AmazonIdentityManagement; Status Code: 403; E
steps to reproduce:
svn checkout https://github.com/serverless-stack/examples/trunk/rest-api
cd rest-api
npm i
aws-vault exec wadminv --debug -- npm run start
However both these execute correctly:
aws-vault exec wadminv --debug --no-session -- npm run start
aws-vault exec wadminv -- aws s3 ls
I'd appreciate some guidance on what to investigate or try?
f
Frank
05/04/2021, 2:48 PM
Hey @Warwick Grigg, welcome to SST!
Frank
05/04/2021, 2:50 PM
Thanks for the details. Let me give ur setup a try in a bit.
w
Warwick Grigg
05/04/2021, 2:55 PMThank you!
Warwick Grigg
05/04/2021, 5:41 PMHold back on that for a moment please. I've found some info in the aws-vault issues that says "if you need access to IAM operations with a session token, it should be MFA authenticated. It's a requirement from AWS. Please add
mfa_serialaws-vaultWarwick Grigg
05/05/2021, 2:21 PMYes, that's the solution. I assigned a virtual MFA device, added it to aws config and it's all working as I hoped. Thank you for all your work on SST!
f
Frank
05/05/2021, 4:48 PM
Oh nice. Glad you got it to work!