Skip to content

Unable to create user according to instructions. #8323

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
tcmadd opened this issue Mar 30, 2025 · 1 comment
Closed

Unable to create user according to instructions. #8323

tcmadd opened this issue Mar 30, 2025 · 1 comment
Labels
pending-close-if-no-response question

Comments

@tcmadd
Copy link

tcmadd commented Mar 30, 2025
edited by ykethan
Loading

Environment information

npx ampx info
System:
  OS: macOS 15.3.2
  CPU: (8) arm64 Apple M2
  Memory: 159.56 MB / 8.00 GB
  Shell: /bin/zsh
Binaries:
  Node: 23.10.0 - /opt/homebrew/bin/node
  Yarn: undefined - undefined
  npm: 10.9.2 - /opt/homebrew/bin/npm
  pnpm: 10.5.1 - /opt/homebrew/bin/pnpm
NPM Packages:
  @aws-amplify/auth-construct: 1.6.1
  @aws-amplify/backend: 1.14.3
  @aws-amplify/backend-ai: Not Found
  @aws-amplify/backend-auth: 1.5.1
  @aws-amplify/backend-cli: 1.5.0
  @aws-amplify/backend-data: 1.4.1
  @aws-amplify/backend-deployer: 1.1.20
  @aws-amplify/backend-function: 1.12.3
  @aws-amplify/backend-output-schemas: 1.4.1
  @aws-amplify/backend-output-storage: 1.1.5
  @aws-amplify/backend-secret: 1.2.0
  @aws-amplify/backend-storage: 1.2.6
  @aws-amplify/cli-core: 1.4.1
  @aws-amplify/client-config: 1.5.8
  @aws-amplify/data-construct: 1.15.1
  @aws-amplify/data-schema: 1.20.1
  @aws-amplify/deployed-backend-client: 1.5.2
  @aws-amplify/form-generator: 1.0.5
  @aws-amplify/model-generator: 1.0.13
  @aws-amplify/platform-core: 1.6.5
  @aws-amplify/plugin-types: 1.8.1
  @aws-amplify/sandbox: 1.2.12
  @aws-amplify/schema-generator: 1.2.8
  aws-amplify: 6.13.6
  aws-cdk: 2.1005.0
  aws-cdk-lib: 2.185.0
  typescript: 5.8.2
No AWS environment variables
No CDK environment variables

Describe the bug

Following the instructions from the page: https://docs.amplify.aws/nextjs/start/account-setup/

The large multiline command pasted into cloudshell fails:

~ $ accountId=$(aws sts get-caller-identity | jq '.Account' -r)
~ $ aws sso-admin create-account-assignment --instance-arn $ssoArn --target-id $accountId --target-type AWS_ACCOUNT --permission-set-arn $permissionSetArn --principal-type USER --principal-id $userId

usage: aws [options] <command> <subcommand> [<subcommand> ...] [parameters]
To see help text, you can run:

  aws help
  aws <command> help
  aws <command> <subcommand> help

aws: error: argument --permission-set-arn: expected one argument

Reproduction steps

Following Instructions on the page: https://docs.amplify.aws/nextjs/start/account-setup/
After putting in my email I run the large multi-line command and receive:

~ $ accountId=$(aws sts get-caller-identity | jq '.Account' -r)
~ $ aws sso-admin create-account-assignment --instance-arn $ssoArn --target-id $accountId --target-type AWS_ACCOUNT --permission-set-arn $permissionSetArn --principal-type USER --principal-id $userId

usage: aws [options] <command> <subcommand> [<subcommand> ...] [parameters]
To see help text, you can run:

  aws help
  aws help
  aws <command> help
  aws <command> <subcommand> help
@ykethan
Copy link
Member

ykethan commented Mar 31, 2025

Hey @tcmadd, thank you for reaching out. Wanted to quickly confirm the commands being run, are you running all the commands as a single block in cloudshell?

response=$(aws sso-admin list-instances)
ssoId=$(echo $response | jq '.Instances[0].IdentityStoreId' -r)
ssoArn=$(echo $response | jq '.Instances[0].InstanceArn' -r)
email_json=$(jq -n --arg email "$user_email" '{"Type":"Work","Value":$email}')
response=$(aws identitystore create-user --identity-store-id $ssoId --user-name amplify-admin --display-name 'Amplify Admin' --name Formatted=string,FamilyName=Admin,GivenName=Amplify --emails "$email_json")
userId=$(echo $response | jq '.UserId' -r)
response=$(aws sso-admin create-permission-set --name amplify-policy --instance-arn=$ssoArn --session-duration PT12H)
permissionSetArn=$(echo $response | jq '.PermissionSet.PermissionSetArn' -r)
aws sso-admin attach-managed-policy-to-permission-set --instance-arn $ssoArn --permission-set-arn $permissionSetArn --managed-policy-arn arn:aws:iam::aws:policy/service-role/AmplifyBackendDeployFullAccess
accountId=$(aws sts get-caller-identity | jq '.Account' -r)
aws sso-admin create-account-assignment --instance-arn $ssoArn --target-id $accountId --target-type AWS_ACCOUNT --permission-set-arn $permissionSetArn --principal-type USER --principal-id $userId
# Hit enter

from the error message aws: error: argument --permission-set-arn: expected one argument the permissionSetArn variable is currently not being set, which should be populated from permissionSetArn=$(echo $response | jq '.PermissionSet.PermissionSetArn' -r)

@Amplifiyer Amplifiyer transferred this issue from aws-amplify/amplify-backend Apr 14, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
pending-close-if-no-response question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@Amplifiyer @ykethan @tcmadd @ashika112