Credentials could not be loaded in self x64 windows hosted for aws-actions/configure-aws-credentials

[stevenruizhang]

Describe the bug

hi team,
I install self-hosted runner according to git hub guideline in my local windows11 , and i use aws sso login , get the aws credential in my local.
aws cli:

according to this doc , if the local runner has access to AWS credentials, such as an EC2 instance, then you do not need to provide IAM user access key credentials to this action. We will use the standard AWS JavaScript SDK credential resolution methods to find your credentials,
https://github.com/aws-actions/configure-aws-credentials

but seems like the results shows "Error: Credentials could not be loaded, please check your action inputs: Could not load credentials from any providers"

any configurations missing?

in the my terraform repo code, i use different profile setting in my local for different aws environment/account under different terraform folder(different terraform state file). So i need at least one profile can work in pipeline line, if also can configure the profile in git actions is perfect

give one aws dev account for example, i can use the profile approach setup resource in my local

Expected Behavior

i suppose the result running the aws sts get-caller-identity in pipeline get the same result from my local aws sts command line , but get error in pipeline

Current Behavior

Error: Credentials could not be loaded, please check your action inputs: Could not load credentials from any providers

Reproduction Steps

1. install the self x64 windows hosted in your local windows11
2. config the aws sso login in your local windows11
3. set below workflow file in the repo
4. trigger the pipeline manually

Workflow file for this run:
name: 'Win_Deploy'

on:
push:
branches: [ "main" ]
pull_request:
workflow_dispatch:

permissions:
id-token: write
contents: read

jobs:
build:
name: 'Terraform'
runs-on: self-hosted
steps:
# Clone the repository to the GitHub Actions runner
- name: Clone
uses: actions/checkout@v2
# Configure AWS Credentials
# You will need to replace <IAM_ROLE> with the IAM role ARN you created in the previous step
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v1
with:
aws-region: eu-central-1
- name: Sts GetCallerIdentity
run: |
aws sts get-caller-identity
- name: List S3 bucket
run: |
aws s3 ls
- name: Publish on aws dev env
if: github.ref == 'refs/heads/master'
run: ./publish_win.ps1 dev

Possible Solution

No response

Additional Information/Context

No response

[stevenruizhang]

if i remove aws credential setting in pipeline, i will get Error: failed to get shared config profile, my-dev-admin-profile when execute terraform plan command line
Workflow file for this run:
name: 'Win_Deploy'

on:
push:
branches: [ "main" ]
pull_request:
workflow_dispatch:

permissions:
id-token: write
contents: read

jobs:
build:
name: 'Terraform'
runs-on: self-hosted
steps:
# Clone the repository to the GitHub Actions runner
- name: Clone
uses: actions/checkout@v2
# Configure AWS Credentials
# You will need to replace <IAM_ROLE> with the IAM role ARN you created in the previous step
- name: Get AWS Configure List
run: |
aws configure list
- name: Publish on aws dev env
if: github.ref == 'refs/heads/master'
run: ./publish_win.ps1 dev
publish_win.ps1:
Param(
[string]$Env = 'dev'
)
if ($Env -eq 'dev') {
Write-Host('dev')
$currentPath = Get-Location
Write-Host "Current Path 1: $currentPath"
Write-Host('change path to \terraform\env\dev ')
Push-Location .\terraform\env\dev
Write-Host('terraform init')
terraform init --plugin-dir D:\Rancher\terraform.terraform.d\terraform-plugin-cache
Write-Host('terraform validate')
terraform validate --json
Write-Host('terraform fmt')
terraform fmt
Write-Host('terraform plan')
terraform plan

} elseif($Env -eq 'stage') {
Write-Host('stage')
} else {
Write-Host('prod')
}
pipeline error

[stevenruizhang]

i execute aws sso login, and i can get dev profile result for aws configure list --profile my-dev-admin-profile in my local, but when running the pipeline i get error "Error loading SSO Token: Token for my-sso does not exist", is that any configuration missing?

name: 'Win_Deploy'

on:
push:
branches: [ "main" ]
pull_request:
workflow_dispatch:

permissions:
id-token: write
contents: read

jobs:
build:
name: 'Terraform'
runs-on: self-hosted
steps:
# Clone the repository to the GitHub Actions runner
- name: Clone
uses: actions/checkout@v2
# Configure AWS Credentials
# You will need to replace <IAM_ROLE> with the IAM role ARN you created in the previous step
- name: Get AWS Configure List
run: |
aws configure list --profile my-dev-admin-profile
- name: Publish on aws dev env
if: github.ref == 'refs/heads/master'
run: ./publish_win.ps1 dev