diff --git a/awscli/customizations/assumerole.py b/awscli/customizations/assumerole.py index 46e34611f173..a18d0c822869 100644 --- a/awscli/customizations/assumerole.py +++ b/awscli/customizations/assumerole.py @@ -11,6 +11,7 @@ from botocore import credentials from botocore.compat import total_seconds from botocore.exceptions import PartialCredentialsError +from botocore.exceptions import UnknownCredentialError LOG = logging.getLogger(__name__) @@ -40,11 +41,12 @@ def inject_assume_role_provider(session, **kwargs): # * ... cred_chain = session.get_component('credential_provider') cred_chain.insert_before('shared-credentials-file', provider) - except Exception: + except (ValueError, UnknownCredentialError): + # Only catch UnknownCredentialError and ValueError # This is ok, it just means that we couldn't create the credential # provider object. LOG.debug("Not registering assume-role provider, credential " - "provider from session could not be created.") + "provider from session could not be created.", exc_info=True) def create_assume_role_provider(session, provider_cls): diff --git a/tests/unit/customizations/test_assumerole.py b/tests/unit/customizations/test_assumerole.py index 8d8b8675afba..79b5a34861cf 100644 --- a/tests/unit/customizations/test_assumerole.py +++ b/tests/unit/customizations/test_assumerole.py @@ -49,7 +49,9 @@ def test_assume_role_provider_registration(self): def test_provider_not_registered_on_error(self): session = mock.Mock() - session.get_component.side_effect = Exception( + # This is the exception raised when we can't retrieve the component + # from the ComponentLocator. + session.get_component.side_effect = ValueError( "Couldn't get credential_provider.") assumerole.inject_assume_role_provider( session, event_name='building-command-table.foo')