SSO login fails with could not find source profile mycorpsso referenced from the root profile #793

Closed
lcmgh opened this issue Apr 21, 2023 · 4 comments
Labels
bug This issue is a bug.

lcmgh commented Apr 21, 2023

Describe the bug

Hi!

For most of my Windows users, the following setup to construct a working STS client works fine. However, there is a Windows user who faces the error.

```
Creating client for profile ReadOnly_eu
Caller identity: Err(sts caller identity failed

Caused by:
   0: failed to construct request
   1: failed to load credentials from the credentials cache
   2: an error occurred while loading credentials
   3: failed to construct request
   4: failed to load credentials from the credentials cache
   5: the credentials provider was not properly configured
   6: ProfileFile provider could not be built: profile `mycorpsso` was not defined: could not find source profile mycorpsso referenced from the root profile
```

The `~/.aws/credentials` file contains a `mycorpsso` section.

```rust
// Imports assumed for aws-config 0.55.x. `p` (the profile settings) and
// `env_proxy` (an optional proxy connector) are defined elsewhere in the application.
use aws_config::meta::region::RegionProviderChain;
use aws_config::provider_config::ProviderConfig;
use aws_config::sts::AssumeRoleProvider;
use aws_sdk_sts::config::Region;
use eyre::WrapErr;

let region = Region::new(p.region.clone());

// Base credentials come from the source profile in the shared AWS files.
let inner_provider = aws_config::profile::ProfileFileCredentialsProvider::builder()
    .profile_name(p.source_profile.clone())
    .build();

// Assume the target role on top of the source profile, through the proxy if one is set.
let assume_role_provider = match env_proxy.clone() {
    Some(proxy) => {
        let provider_config = ProviderConfig::default().with_tcp_connector(proxy.clone());
        let http_connector = aws_smithy_client::hyper_ext::Adapter::builder().build(proxy);
        AssumeRoleProvider::builder(p.role_arn.clone())
            .region(region.clone())
            .session_name("app")
            .configure(&provider_config)
            .connection(http_connector)
            .build(inner_provider)
    }
    None => AssumeRoleProvider::builder(p.role_arn.clone())
        .region(region.clone())
        .session_name("app")
        .build(inner_provider),
};

// Shared SDK config that uses the assume-role provider for credentials.
let shared_config = aws_config::from_env()
    .credentials_provider(assume_role_provider)
    .region(RegionProviderChain::first_try(region))
    .profile_name(p.profile.clone());

let shared_config = match env_proxy.clone() {
    Some(proxy) => {
        let provider_config = ProviderConfig::default().with_tcp_connector(proxy.clone());
        let http_connector = aws_smithy_client::hyper_ext::Adapter::builder().build(proxy);
        shared_config
            .configure(provider_config)
            .http_connector(http_connector)
            .load()
            .await
    }
    None => shared_config.load().await,
};

let sts_client = aws_sdk_sts::Client::new(&shared_config);

// GetCallerIdentity forces credential resolution; this is the call that fails.
println!(
    "Caller identity: {:?}",
    sts_client
        .get_caller_identity()
        .send()
        .await
        .wrap_err_with(|| eyre::eyre!("sts caller identity failed"))
);
```

Thanks for any ideas

Expected Behavior

Successful login

Current Behavior

See above

Reproduction Steps

See code above

Possible Solution

No response

Additional Information/Context

No response

Version

├── aws-config v0.55.1
│   ├── aws-credential-types v0.55.1
│   │   ├── aws-smithy-async v0.55.1
│   │   ├── aws-smithy-types v0.55.1
│   ├── aws-http v0.55.1
│   │   ├── aws-credential-types v0.55.1 (*)
│   │   ├── aws-smithy-http v0.55.1
│   │   │   ├── aws-smithy-types v0.55.1 (*)
│   │   ├── aws-smithy-types v0.55.1 (*)
│   │   ├── aws-types v0.55.1
│   │   │   ├── aws-credential-types v0.55.1 (*)
│   │   │   ├── aws-smithy-async v0.55.1 (*)
│   │   │   ├── aws-smithy-client v0.55.1
│   │   │   │   ├── aws-smithy-async v0.55.1 (*)
│   │   │   │   ├── aws-smithy-http v0.55.1 (*)
│   │   │   │   ├── aws-smithy-http-tower v0.55.1
│   │   │   │   │   ├── aws-smithy-http v0.55.1 (*)
│   │   │   │   │   ├── aws-smithy-types v0.55.1 (*)
│   │   │   │   ├── aws-smithy-types v0.55.1 (*)
│   │   │   ├── aws-smithy-http v0.55.1 (*)
│   │   │   ├── aws-smithy-types v0.55.1 (*)
│   ├── aws-sdk-sso v0.26.0
│   │   ├── aws-credential-types v0.55.1 (*)
│   │   ├── aws-endpoint v0.55.1
│   │   │   ├── aws-smithy-http v0.55.1 (*)
│   │   │   ├── aws-smithy-types v0.55.1 (*)
│   │   │   ├── aws-types v0.55.1 (*)
│   │   ├── aws-http v0.55.1 (*)
│   │   ├── aws-sig-auth v0.55.1
│   │   │   ├── aws-credential-types v0.55.1 (*)
│   │   │   ├── aws-sigv4 v0.55.1
│   │   │   │   ├── aws-smithy-http v0.55.1 (*)
│   │   │   ├── aws-smithy-http v0.55.1 (*)
│   │   │   ├── aws-types v0.55.1 (*)
│   │   ├── aws-smithy-async v0.55.1 (*)
│   │   ├── aws-smithy-client v0.55.1 (*)
│   │   ├── aws-smithy-http v0.55.1 (*)
│   │   ├── aws-smithy-http-tower v0.55.1 (*)
│   │   ├── aws-smithy-json v0.55.1
│   │   │   └── aws-smithy-types v0.55.1 (*)
│   │   ├── aws-smithy-types v0.55.1 (*)
│   │   ├── aws-types v0.55.1 (*)
│   ├── aws-sdk-sts v0.26.0
│   │   ├── aws-credential-types v0.55.1 (*)
│   │   ├── aws-endpoint v0.55.1 (*)
│   │   ├── aws-http v0.55.1 (*)
│   │   ├── aws-sig-auth v0.55.1 (*)
│   │   ├── aws-smithy-async v0.55.1 (*)
│   │   ├── aws-smithy-client v0.55.1 (*)
│   │   ├── aws-smithy-http v0.55.1 (*)
│   │   ├── aws-smithy-http-tower v0.55.1 (*)
│   │   ├── aws-smithy-json v0.55.1 (*)
│   │   ├── aws-smithy-query v0.55.1
│   │   │   ├── aws-smithy-types v0.55.1 (*)
│   │   ├── aws-smithy-types v0.55.1 (*)
│   │   ├── aws-smithy-xml v0.55.1
│   │   ├── aws-types v0.55.1 (*)
│   ├── aws-smithy-async v0.55.1 (*)
│   ├── aws-smithy-client v0.55.1 (*)
│   ├── aws-smithy-http v0.55.1 (*)
│   ├── aws-smithy-http-tower v0.55.1 (*)
│   ├── aws-smithy-json v0.55.1 (*)
│   ├── aws-smithy-types v0.55.1 (*)
│   ├── aws-types v0.55.1 (*)
├── aws-sdk-ec2 v0.26.0
│   ├── aws-credential-types v0.55.1 (*)
│   ├── aws-endpoint v0.55.1 (*)
│   ├── aws-http v0.55.1 (*)
│   ├── aws-sig-auth v0.55.1 (*)
│   ├── aws-smithy-async v0.55.1 (*)
│   ├── aws-smithy-client v0.55.1 (*)
│   ├── aws-smithy-http v0.55.1 (*)
│   ├── aws-smithy-http-tower v0.55.1 (*)
│   ├── aws-smithy-json v0.55.1 (*)
│   ├── aws-smithy-query v0.55.1 (*)
│   ├── aws-smithy-types v0.55.1 (*)
│   ├── aws-smithy-xml v0.55.1 (*)
│   ├── aws-types v0.55.1 (*)
├── aws-sdk-rds v0.26.0
│   ├── aws-credential-types v0.55.1 (*)
│   ├── aws-endpoint v0.55.1 (*)
│   ├── aws-http v0.55.1 (*)
│   ├── aws-sig-auth v0.55.1 (*)
│   ├── aws-smithy-async v0.55.1 (*)
│   ├── aws-smithy-client v0.55.1 (*)
│   ├── aws-smithy-http v0.55.1 (*)
│   ├── aws-smithy-http-tower v0.55.1 (*)
│   ├── aws-smithy-json v0.55.1 (*)
│   ├── aws-smithy-query v0.55.1 (*)
│   ├── aws-smithy-types v0.55.1 (*)
│   ├── aws-smithy-xml v0.55.1 (*)
│   ├── aws-types v0.55.1 (*)
├── aws-sdk-sts v0.26.0 (*)
├── aws-smithy-client v0.55.1 (*)

Environment details (OS name and version, etc.)

Latest Windows

Logs

No response

@lcmgh lcmgh added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Apr 21, 2023
@Velfi Velfi removed the needs-triage This issue or PR still needs to be triaged. label Apr 21, 2023

Velfi commented Apr 21, 2023

Hey @lcmgh, thanks for submitting this issue.

@jmklix Are you able to investigate this?

lcmgh commented Apr 24, 2023

The user can create clients when PowerShell is used instead of Git Bash. I think it's related to the fact that PowerShell and Git Bash refer to different home folders.

That might be caused by the fact that there are two home directories (one on C: and another one via network drive U:). Interestingly, both contain an .aws config file (probably from using Git Bash with an internal SSO login tool before).

lcmgh commented May 25, 2023

Error was on my side. Had constructed paths manually rather than using join.

@lcmgh lcmgh closed this as completed May 25, 2023
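
The home-directory mismatch and the `join` fix described in the comments above, as an added diagnostic example (not code from the reporter or the SDK): it lists the `.aws/credentials` file under every home directory the environment points to and reports which of them define a given profile. The lookup order `HOME`, `USERPROFILE`, `HOMEDRIVE`+`HOMEPATH` and all function names are assumptions of this example.

```rust
use std::collections::HashMap;
use std::fs;
use std::path::{Path, PathBuf};

/// Candidate homes in the order assumed here: HOME, USERPROFILE, HOMEDRIVE+HOMEPATH.
fn candidate_homes(env: &HashMap<String, String>) -> Vec<(String, PathBuf)> {
    let mut homes = Vec::new();
    for var in ["HOME", "USERPROFILE"] {
        if let Some(v) = env.get(var).filter(|v| !v.is_empty()) {
            homes.push((var.to_string(), PathBuf::from(v)));
        }
    }
    if let (Some(d), Some(p)) = (env.get("HOMEDRIVE"), env.get("HOMEPATH")) {
        homes.push(("HOMEDRIVE+HOMEPATH".into(), PathBuf::from(format!("{d}{p}"))));
    }
    homes
}

/// Build the path with `join` so separators are never hand-written.
fn credentials_path(home: &Path) -> PathBuf {
    home.join(".aws").join("credentials")
}

/// Names of the `[section]` headers in a credentials file.
fn profile_names(contents: &str) -> Vec<String> {
    contents.lines()
        .filter_map(|l| l.trim().strip_prefix('[')?.strip_suffix(']'))
        .map(|n| n.trim().to_string())
        .collect()
}

/// Per candidate home: (variable, credentials path, profile defined there?).
fn locate_profile(env: &HashMap<String, String>, profile: &str) -> Vec<(String, PathBuf, bool)> {
    candidate_homes(env).into_iter().map(|(var, home)| {
        let path = credentials_path(&home);
        // A missing or unreadable file counts as "profile not defined".
        let text = fs::read_to_string(&path).unwrap_or_default();
        let found = profile_names(&text).iter().any(|n| n == profile);
        (var, path, found)
    }).collect()
}

fn main() {
    let env: HashMap<String, String> = std::env::vars().collect();
    let profile = std::env::args().nth(1).unwrap_or_else(|| "default".into());
    for (var, path, found) in locate_profile(&env, &profile) {
        println!("{var}: {} defines [{profile}]: {found}", path.display());
    }
}
```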