sticky-bear-14421
11/10/2020, 10:43 AM// Intermediate Provider
const providerIntermediate = new aws.Provider(
"assume-role",
{
assumeRole: {
roleArn: "arn:aws:iam::111111111111:role/intermediate",
sessionName: "intermediate",
},
region: aws.config.requireRegion(),
});
// sts get-caller-identity for intermediate role provider
aws.getCallerIdentity({provider: providerIntermediate}).then(onfulfilled => console.log(onfulfilled),onrejected => console.log(onrejected))
// Destination provider
const providerDestination = new aws.Provider("assume-dest-role", {
assumeRole: {
roleArn: "arn:aws:iam::222222222222:role/destination",
sessionName: "destination",
},
region: aws.config.requireRegion(),
},
{ provider: providerIntermediate, dependsOn: providerIntermediate }
);
// This one failes ..
aws.getCallerIdentity({provider: providerDestination}).then(onfulfilled => console.log(onfulfilled),onrejected => console.log("rejected with: "+ onrejected))
rejected with: Error: invocation of aws:index/getCallerIdentity:getCallerIdentity returned an error: 1 error occurred:
* error configuring Terraform AWS Provider: IAM Role (arn:aws:iam::222222222222:role/destination) cannot be assumed.
There are a number of possible causes of this - the most common are:
* The credentials used in order to assume the role are invalid
* The credentials do not have appropriate permission to assume the role
* The role ARN is not valid
Error: NoCredentialProviders: no valid providers in chain. Deprecated.
For verbose messaging see aws.Config.CredentialsChainVerboseErrors