skip to Main Content

I have a react Amplify App. All I want to do is work on it, push the changes to amplify, etc. These are all standard and basic commands like amplify push.

The problem is that shortly after starting to work on my app ( a month or two ), I was no longer allowed to push, pull, or work on the app from the command line. There is no explanation, and the only error is this …

An error occurred during the push operation: /
Access Denied

✅ Report saved: /var/folders/8j/db7_b0d90tq8hgpfcxrdlr400000gq/T/storygraf/report-1658279884644.zip

✔ Done

The logs created from the error show this.

error.json

{
"message": "Access Denied",
"code": "AccessDenied",
"region": null,
"time": "2022-07-20T01:20:01.876Z",
"requestId": "DRFVQWYWJAHWZ8JR",
"extendedRequestId": "hFfxnwUjbtG/yBPYG+GW3B+XfzgNiI7KBqZ1vLLwDqs/D9Qo+YfIc9dVOxqpMo8NKDtHlw3Uglk=",
"statusCode": 403,
"retryable": false,
"retryDelay": 60.622127086356855
}

I have two users in my .aws/credentials file. One is the default (which is my work account). The other is called "personal". I have tried to push with

amplify push
amplify push --profile default
amplify push --profile personal

It always results in the same.

I followed the procedure located here under the title "Create environment variables to assume the IAM role and verify access" and entered a new AWS_ACCESS_KEY_ID and a new AWS_SECRET_ACCESS_KEY. When I then run the command …

aws sts get-caller-id

It returns the correct Arn. However, there is a AWS_SESSION_TOKEN variable that the docs say need to be set, and I have no idea what that is.

Running amplify push under this new profile still results in an error.

I have also tried

AWS_PROFILE=personal aws sts get-caller-identity

Again, this results in the correct settings, but the amplify push still fails for the same reasons.

At this point, i’m ready to drop it and move to something else. I’ve been debugging this for literally months now and it would be far easier to setup a standard react app on S3 and stand up my resources manually without dealing with this.

Any help is appreciated.

2

Answers


  1. This is the same issue for me. There seems to be no way to reconfigure the CLI once its authentication method is set to profile. I’m trying to change it back to amplify studio and have not been able to crack the code on updating it. Documentation in this area is awful.

    Login or Signup to reply.
  2. In the amplify folder there is a .config directory. There are three files:

    local-aws-info.json
    local-env-info.json
    project-config.json
    

    project-config.json is required, but the local-* files maintain state for your local configuration. Delete these and you can reinit the project and reauthenticate the amplify cli for the environment

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search