AWS Credentials Chain

[jtuller]

Hi again @daidokoro,

I updated my local version of qaz to 0.81.3-beta from 0.81-beta and after adding notification-arns to the config.yml file I see notifications being published to my specified SNS topic.

I did however notice a change in the way in which qaz uses the credentials provider chain. I'm not sure what the problem could be, but here is the symptom:

I have my developer credentials in the ~/.aws/credentials file. These temporary credentials give me access to assume other roles - one of which is a 'stack builder' role that QAZ needs since
my developer credentials are not powerful enough to deploy stacks. During deployment (when calling qaz deploy or qaz update) I am setting my ENV variables to a different set of short lived credentials that I obtain through an aws sts assume-role call.

In version 0.81-beta qaz picks up the credentials from the environment variables.
version 0.81.3-beta does not pick up credentials from environment variables.

I'm getting this error from qaz when I try to redirect the AWS_SHARED_CREDENTIALS_FILE environment variable to a temp file that I am now storing my short lived stack builder credentials in.

QAZ throws the below error:
error: failed to fetch status for [myStack]: NoCredentialProviders: no valid providers in chain. Deprecated.
For verbose messaging see aws.Config.CredentialsChainVerboseErrors

Any thoughts?

[jtuller]

Update:
Ok - it looks like when setting this AWS_SHARED_CREDENTIALS_FILE and loading a [default] profile into that file QAZ picks it up...

Perhaps my method of using the ENV variable to store these short lived credentials was just deprecated...

• Jeff