2

I'm trying to use AWS cli within a script section of an Azure pipeline. The script section is in a template file and it's accessed from the main pipeline.

steps:
- bash: |
    step_function_state=`aws stepfunctions list-executions --state-machine-arn $(stateMachineArn) --status-filter RUNNING |  jq -r '.executions[]|.status' | head -1`
    echo "State machine RUNNING status: ${step_function_state}"
    # Rest of the script#
  displayName: "Test Script"
  env:
    AWS_ACCESS_KEY_ID: $(AWS_ACCESS_KEY_ID)
    AWS_DEFAULT_REGION: $(AWS_DEFAULT_REGION)
    AWS_SECRET_ACCESS_KEY: $(AWS_SECRET_ACCESS_KEY)

stateMachineArn, AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY and AWS_DEFAULT_REGION are stored in a variable group. When running the pipeline it gives the following error,

An error occurred (UnrecognizedClientException) when calling the ListExecutions operation: The security token included in the request is invalid.

Using the same credentials I am able to run my local CLI and get the results. I tried printenv command and all the AWS variables are in the environment too. What could I possibly do wrong?

Improve this question

1 Answer 1

Reset to default
1

I realized that this issue occurred due to credential mismatch. After adding the correct credentials (same as local cli) the pipeline CLI also started to work. Based on the error log it felt like aws_session_token could be an issue but the actual issue was in aws_access_key_id and aws_secret_access_key.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.