Fix for getting partition for federated users (#13992)
Federated users calling `iam:GetUser` will get the error code `InvalidClientTokenId` so this shouldn't bail out but instead continue on to try `sts:GetCallerIdentity`.
This commit is contained in:
parent
78c2720a4c
commit
2dd7e72674
|
@ -54,7 +54,7 @@ func GetAccountInfo(iamconn *iam.IAM, stsconn *sts.STS, authProviderName string)
|
||||||
awsErr, ok := err.(awserr.Error)
|
awsErr, ok := err.(awserr.Error)
|
||||||
// AccessDenied and ValidationError can be raised
|
// AccessDenied and ValidationError can be raised
|
||||||
// if credentials belong to federated profile, so we ignore these
|
// if credentials belong to federated profile, so we ignore these
|
||||||
if !ok || (awsErr.Code() != "AccessDenied" && awsErr.Code() != "ValidationError") {
|
if !ok || (awsErr.Code() != "AccessDenied" && awsErr.Code() != "ValidationError" && awsErr.Code() != "InvalidClientTokenId") {
|
||||||
return "", "", fmt.Errorf("Failed getting account ID via 'iam:GetUser': %s", err)
|
return "", "", fmt.Errorf("Failed getting account ID via 'iam:GetUser': %s", err)
|
||||||
}
|
}
|
||||||
log.Printf("[DEBUG] Getting account ID via iam:GetUser failed: %s", err)
|
log.Printf("[DEBUG] Getting account ID via iam:GetUser failed: %s", err)
|
||||||
|
|
Loading…
Reference in New Issue