Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AWS Profile flag doesn't work #439

Open
InAnimaTe opened this issue Mar 11, 2019 · 10 comments
Open

AWS Profile flag doesn't work #439

InAnimaTe opened this issue Mar 11, 2019 · 10 comments
Labels
bug help wanted

Comments

@InAnimaTe
Copy link

InAnimaTe commented Mar 11, 2019
edited
Loading

Sops 3.2.0 on OS X installed with Brew.

sops -d test-env.secret.sops.yml --aws-profile production
Failed to get the data key required to decrypt the SOPS file.

Group 0: FAILED
  arn:aws:kms:us-east-1:426575684472:key/b09749f5-2a39-4ac6-af5e-da9ca8c06194: FAILED
    - | Error decrypting key: AccessDeniedException: The ciphertext
      | refers to a customer master key that does not exist, does
      | not exist in this region, or you are not allowed to access.
      | 	status code: 400, request id:
      | cdf0ce06-d30e-7451-84d8-584d4052b716

Recovery failed because no master key was able to decrypt the file. In
order for SOPS to recover the file, at least one key has to be successful,
but none were.

However, export AWS_PROFILE=production works just fine.

ID's and uuids filtered.
@autrilla
Copy link
Contributor

autrilla commented Mar 12, 2019
edited
Loading

AWS profile support has not been released yet. You can install from master with go get if you really want it. I'm not sure when a new release will be cut. Probably when #435 lands.

@geljo
Copy link

geljo commented May 29, 2019

It still isnt working in SOPS 3.3.0 (latest). Installed via HomeBrew on OSX.

The workaround with setting the AWS_PROFILE manually, is working.

@vranystepan
Copy link

I can confirm it's (most likely) not OS-specific issue. Linux amd64 exhibits the same behavior.

@salmanb
Copy link

salmanb commented Oct 3, 2019

Doesn't seem to work in 3.4.0

@autrilla autrilla reopened this Oct 8, 2019
@pshanoop
Copy link

pshanoop commented Jan 3, 2020
edited
Loading

Doesn't seem to work in 3.4.0
It doesn't work on 3.5.0 too.
Setting AWS_PROFILE seem to be working, Temporary workaround. :'(

@autrilla autrilla mentioned this issue Jan 30, 2020
Closed
@GallagherSam
Copy link

Just a note.

Setting AWS_PROFILE will only work if you are using a ~/.aws/credentials file as well. It will NOT work with environment variable credentials. See the issue above ^^

@dsalaza4
Copy link

Are there any news regarding this bug?

@autrilla
Copy link
Contributor

No. We welcome contributions that fix it though.

@ajvb ajvb mentioned this issue Feb 20, 2020
Open
@kyusu kyusu mentioned this issue Jan 12, 2023
Closed
@act-mreeves
Copy link

I can confirm this is still an issue as of version 3.7.3 even though #435 was merged.

@azunnaHT
Copy link

This is still an issue

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
10 participants
@vranystepan @pshanoop @InAnimaTe @autrilla @salmanb @dsalaza4 @geljo @GallagherSam @act-mreeves @azunnaHT