After further investigation, it appears to be looking for the SSO cached creds in the wrong file. (e.g. ...\.aws\sso\cache\8c949bbb2b27179c4e6e5d24c11b8bb3ada23a2a.json ). However, that file doesn't exist. When I manually create that file, all works fine. Any idea where it's getting the name of the cache file from?
gray-school-37527
07/29/2023, 1:54 PM
I've tried reinstalling the pulumi cli, aws cli and rebooting. For some reason it keeps looking for this exact same cache file every time.
gray-school-37527
07/29/2023, 2:56 PM
The aws cli works fine
gray-school-37527
07/29/2023, 7:33 PM
Found that it has to do with the use of a profile and sso-session in the .aws/config file. When a profile is pointing at an sso-session, the AWS CLI will generate a SSO cache file with a filename that matches the sha1 of the sso-session name. However, if no sso-sessoin is used in in the .aws/config file, the sha1 of the sso_start_url is used instead.
gray-school-37527
07/29/2023, 7:55 PM
Maybe this logic changed recently and the pulumi dependencies haven't caught up?