Taskcat not working with AWS SSO

[jaglade]

Describe the bug
Taskcat not working with aws sso credentials.

To Reproduce
Steps to reproduce the behavior:
Using an aws sso login, try to run taskcat test run or aws2-wrap --profile default taskcat test run
aws2-wrap is what I use to get most other commands that depend on a traditional credentials file.
Either way, both commands fail with [ERROR ] : NoCredentialsError Unable to locate credentials

Expected behavior
I would expect taskcat to be able to test my template against my aws account

**Version (Please make sure you are running the latest version of taskcat)

• Taskcat Version 0.9.19

[andrew-glenn]

With the release of 0.9.0, we made the design decision to not honor credentials that were stored in environment variables. Looking over the documentation for aws2-wrap, it appears that it leverages environment variables as a primary mechanism for credential management.

We're willing to reconsider this in a future release, however in the interim, I see that aws2-wrap has a way to leverage it as an external credential process.

From their readme:

Use the credentials via .aws/config

If you are using a tool that works with normal AWS credentials but doesn't understand the new AWS SSO credentials, another option is to add a profile to .aws/config that calls the aws2-wrap script.

For example, add the following block to .aws/config:

[profile Wrapped]
credential_process = aws2-wrap --process --profile <awsprofilename>

From there, your taskcat config file would look like this:

general:
  auth:
    default: Wrapped

Please let me know what the results are. Thanks

[jaglade]

That worked! Thank you for looking into that for me even though it was unrelated to taskcat.

[andrew-glenn]

Glad it worked! I'm leaving this open to capture in our documentation.