AWS Toolkit vscode extension, Connect Using AWS Identity Center keeps trying to access the wrong region
I installed the extension AWS Toolkit for VScode. My IAM Identity Center Users, Groups, etc were all created in us-east-2.
But for some reason AWS keeps trying to route me through us-east-1 even though this causes an invalid_grant Invalid grant provided error. I tried setting the region for AWS Toolkit to us-east-2:
After setting the region to us-east-2, I tried to connect via AWS Identity Center.
But it still directs me to https://device.sso.us-east-1.amazonaws.com/ to enter in my auth code. Notice the us-east-1 in the url instead of us-east-2. When I enter in the auth code, I get the dreaded invalid_grant Invalid grant provided error:
So how do I force it to use us-east-2 instead of us-east-2? It seems to ignore the fact that I set the region to us-east-2.
It looks like you are trying to use a credentials profile configured to use AWS IAM Identity Center (AWS SSO). This profile may not be configured to refer to the region where your SSO portal is defined.
Check your credentials files (~/.aws/credentials and/or ~/.aws/config) for the credentials profile of interest. This profile should contain a sso_region property that is assigned to the region where your SSO portal is (us-east-2 in your case).
- Downloading an entire S3 bucket?
- Installing AWS CLI v2 through PIP on Windows
- How to tag Images output by AWS Image Builder Pipeline to include the Image in a Lifecycle Policy
- How to upgrade AWS CLI to the latest version?
- AWS EMR: Error parsing parameter: Expected: '=', received: 'EOF' for input:
- How do I set the name of the default profile in AWS CLI?
- `aws secretsmanager list-secrets` command to return secrets and filter them by tag
- Bash with AWS CLI - unable to locate credentials
- s3 - how to get fast line count of file? wc -l is too slow
- Using aws cli, what is best way to determine the current region
- Delete Full S3 Bucket CLI
- how to view aws log real time (like tail -f)
- AWS CLI - Saving the full output as a log file
- AWS-cli ec2 describe instances
- aws cli lambda-Could not parse request body into json
- Check instance status using filter with EC2 API
- Can I force CloudFormation to delete non-empty S3 Bucket?
- Error loading SSO Token: The SSO access token has either expired or is otherwise invalid
- How do i access AWS SAM-CLI through bash on windows?
- AWS EC2 'You are not authorized to perform this operation. Encoded authorization failure message:'
- How to login with AWS CLI using credentials profiles
- Is there a way to drop file extensions when using AWS CLI with --recursive?
- How to delete all images in an ECR repository?
- CDK Diff Fails with "Need to perform AWS calls, but no credentials have been configured" Despite Correct Role Assumption Setup
- Jenkins: Execute AWS CLI command inside a pipeline Jenkins file
- Parsing secrets from AWS secrets manager using AWS cli
- Delete all items in a DynamoDB table using bash with both partition and sort keys
- AWS sts assume role in one command
- UnrecognizedClientException error when authenticating on aws-cli
- AWS cli throws error when copying large files