From 0d0349c718361c46fe383554761bc18b5ef59d0c Mon Sep 17 00:00:00 2001 From: Sanket Tangade Date: Tue, 19 May 2026 14:44:15 -0700 Subject: [PATCH] Fix Invoke-AWSSSOLogin failure when default profile is configured for SSO --- .../Common/Internal/SSOProfileMethods.cs | 15 ++++++++++----- modules/AWSPowerShell/Common/SSOCmdlets.cs | 6 +++--- 2 files changed, 13 insertions(+), 8 deletions(-) diff --git a/modules/AWSPowerShell/Common/Internal/SSOProfileMethods.cs b/modules/AWSPowerShell/Common/Internal/SSOProfileMethods.cs index cdda7d1837..8fbc9ef2dc 100644 --- a/modules/AWSPowerShell/Common/Internal/SSOProfileMethods.cs +++ b/modules/AWSPowerShell/Common/Internal/SSOProfileMethods.cs @@ -37,6 +37,8 @@ public static class SSOProfileMethods private const string SsoSessionProfilePrefix = "sso-session"; + private const string DefaultProfileName = "default"; + /// /// Regex: /// - Starts with "sso-session" @@ -94,11 +96,11 @@ private static string GetSharedConfigFilePath(this SharedCredentialsFile @this) /// Returns a ProfileIniFile of the shared config file. /// /// The SharedCredentialsFile to retrieve the config file for. + /// When true, opens the file in permissive mode so bare [default] section headers are recognized. /// A ProfileIniFile instance of the config file. - private static ProfileIniFile GetSharedConfigFile(this SharedCredentialsFile @this) + private static ProfileIniFile GetSharedConfigFile(this SharedCredentialsFile @this, bool isDefaultProfile = false) { - // Second parameter profileMarkerRequired is required to be true for config files, but not for general ini files. - return new ProfileIniFile(@this.GetSharedConfigFilePath(), true); + return new ProfileIniFile(@this.GetSharedConfigFilePath(), !isDefaultProfile); } private static void ThrowOnNullOrWhiteSpace(string name, string value) @@ -191,8 +193,11 @@ public static void RegisterSsoProfileAndSession(this CredentialProfile profile) profileProperties.Add(_regionPropertyName, profile.Region.SystemName); } - var configFile = sharedCredentialsFile.GetSharedConfigFile(); - configFile.EnsureSectionExists(SSOProfileMethods.CreateProfileName(profile.Name)); + var isDefaultProfile = profile.Name == DefaultProfileName; + var profileSectionName = isDefaultProfile ? DefaultProfileName : SSOProfileMethods.CreateProfileName(profile.Name); + + var configFile = sharedCredentialsFile.GetSharedConfigFile(isDefaultProfile); + configFile.EnsureSectionExists(profileSectionName); configFile.EnsureSectionExists(SSOProfileMethods.CreateSsoSessionProfileName(options.SsoSession)); configFile.EditSection(profile.Name, false, profileProperties); // Section must already exist to edit sso-session diff --git a/modules/AWSPowerShell/Common/SSOCmdlets.cs b/modules/AWSPowerShell/Common/SSOCmdlets.cs index c33c9e656f..97b0578b20 100644 --- a/modules/AWSPowerShell/Common/SSOCmdlets.cs +++ b/modules/AWSPowerShell/Common/SSOCmdlets.cs @@ -119,8 +119,8 @@ protected override void ProcessRecord() if (!SettingsStore.TryGetProfile("default", null, out var profile)) { this.ThrowTerminatingError(new ErrorRecord( - new ArgumentException($"profile {ProfileName} not found in the shared config (~/.aws/config) file."), - "ArgumentException", ErrorCategory.InvalidArgument, this.ProfileName)); + new ArgumentException($"default profile not found in the shared config (~/.aws/config) file."), + "ArgumentException", ErrorCategory.InvalidArgument, this)); } if (profile.Options.SsoSession != null && profile.Options.SsoStartUrl != null && @@ -132,7 +132,7 @@ protected override void ProcessRecord() { this.ThrowTerminatingError(new ErrorRecord( new ArgumentException($"Either ProfileName or SessionName or a default profile with SSO configuration is required."), - "ArgumentException", ErrorCategory.InvalidArgument, this.ProfileName)); + "ArgumentException", ErrorCategory.InvalidArgument, this)); } }