If the role session name is longer than 64 characters, AWS rejects the request.
Group 0: FAILED
arn:aws:kms:us-east-1:1234567890:key/64ccacc1-51ec-4bd4-a7ae-252aa4a0761a: FAILED
- | Error creating AWS session: Failed to assume role
| "arn:aws:iam::945855773920:role/sops-role": ValidationError:
| 1 validation error detected: Value
| 'sops@uilder-base-feature-2fcoredevop-67-ispec-container-test-2-ds4q3'
| at 'roleSessionName' failed to satisfy constraint: Member
| must have length less than or equal to 64
| status code: 400, request id:
| 5c68ad21-0a4e-4560-bad6-13557bb18166
arn:aws:kms:us-east-1:1234567890:key/3a8b8ed7-3ed5-4f45-bf73-61819111babc: FAILED
- | Error creating AWS session: Failed to assume role
| "arn:aws:iam::583254977725:role/sops-role": ValidationError:
| 1 validation error detected: Value
| 'sops@uilder-base-feature-2fcoredevop-67-ispec-container-test-2-ds4q3'
| at 'roleSessionName' failed to satisfy constraint: Member
| must have length less than or equal to 64
| status code: 400, request id:
| 47fe5749-8aca-4072-8116-a701ae989952
In this case, it was caused by kubernetes pods created automatically via Jenkins. I'll submit a PR momentarily with a fix.
If the role session name is longer than 64 characters, AWS rejects the request.
In this case, it was caused by kubernetes pods created automatically via Jenkins. I'll submit a PR momentarily with a fix.