SCAR throwing “Must specify userName when calling with non-User credentials” error when using AWS temporary credentials. #387

Open
jmtroywork opened this issue Feb 7, 2023 · 0 comments

@jmtroywork

Scar version = 4.3.0
Python version = 3.9.6
Boto3 version = 1.26.53
System MAC OS Ventura 13.1, CHIP = APPLE M1 PRO

The AWS account I need to implement SCAR with does NOT allow access with just an IAM user with a key and secret. Because of this I use a login method that creates temporary credentials (creates a temporary token in addition to a temporary key and secret). This adds an entry (profile) in the ~/.aws/credentials file as below

% cat credentials

[learn]
aws_access_key_id = ASJUST-AN-EXAMPLEXZS
aws_secret_access_key = V7L7 JUST-AN-EXAMPLENrJUST-AN-EXAMPLE@!NY
aws_session_token = FwoGA_N_EXAMPLE_OF_A_VERT_LONG_SESSION_TOKENhoiYstV3VwNTAhxU=
note = Credential for 'exampleaccountname examplerole'; expires at '2023-02-08 03:56:18+00:00'

When ‘scar ls’ is run I get the error below
% scar ls
There was an exception in get_user_info
Must specify userName when calling with non-User credentials

Here are the contents of ~/.scar/scar.log after the command is run
2023-02-07 14:32:30,055 - root - INFO - ----------------------------------------------------
2023-02-07 14:32:30,055 - root - INFO - SCAR execution started
2023-02-07 14:32:33,052 - botocore.credentials - INFO - Found credentials in shared credentials file: ~/.aws/credentials
2023-02-07 14:32:37,112 - root - ERROR - An error occurred (ValidationError) when calling the GetUser operation: Must specify userName when calling with non-User credentials
Traceback (most recent call last):
  File "/Users/L045503/environments/SCAR/lib/python3.9/site-packages/scar/exceptions.py", line 32, in wrapper
    return func(*args, **kwargs)
  File "/Users/L045503/environments/SCAR/lib/python3.9/site-packages/scar/providers/aws/clients/iam.py", line 47, in get_user_info
    raise cerr
  File "/Users/L045503/environments/SCAR/lib/python3.9/site-packages/scar/providers/aws/clients/iam.py", line 38, in get_user_info
    return self.client.get_user()
  File "/Users/L045503/environments/SCAR/lib/python3.9/site-packages/botocore/client.py", line 530, in _api_call
    return self._make_api_call(operation_name, kwargs)
  File "/Users/L045503/environments/SCAR/lib/python3.9/site-packages/botocore/client.py", line 960, in _make_api_call
    raise error_class(parsed_response, operation_name)
botocore.exceptions.ClientError: An error occurred (ValidationError) when calling the GetUser operation: Must specify userName when calling with non-User credentials

I also get this error, and the same log contents, when I run ‘scar init -f basic-cow.yaml’ after I have added the basic-cow.yaml file from the documentation (Basic Usage — scar documentation) onto my laptop. (scar --help or scar --version DO NOT throw this error.)

Additionally, I have tried the below AWS CLI commands and found that ‘aws iam get-user’ returns a similar error:

aws --profile learn iam get-user
An error occurred (ValidationError) when calling the GetUser operation: Must specify userName when calling with non-User credentials

However using aws sts get-caller-identity as suggested here (https://stackoverflow.com/questions/33332050/getting-the-current-user-account-id-in-boto3/37723278#37723278) does not return an error.

% aws --profile learn sts get-caller-identity
{
"UserId": "AROAxxxxxxxxxxxD3USI:XXXXXXX",
"Account": "XXXXXXXXXXXX",
"Arn": "arn:aws:sts::7 XXXXXXXXXXXX:assumed-role/user_role_in_aws/XXXXXX"
}

This seems to suggest that when using AWS temporary credentials, a different API call needs to be used to obtain the needed user information. See this post: sergiocorreia/quipucamayoc#3

NOTE: I have also successfully tested ‘scar ls’ using the same laptop and same software implementation (scar, python, boto3) but using an IAM User with only key and secret and accessing a DIFFERENT ACCOUNT (an account that allows access with just a key and secret, but also an account I cannot use for the project I’m working on). In this case ‘scar ls’ lists my lambda functions as it should.

Any help solving this problem would be appreciated.
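
As an added example (not part of the original post and not SCAR's own code), the sketch below resolves the caller through `sts:GetCallerIdentity`, which works for both long-term IAM user keys and temporary session credentials, and classifies the returned ARN. The names `Caller`, `parse_caller_arn` and `get_caller` are hypothetical, and the ARNs used to exercise it are constructed.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Caller:
    account: str
    kind: str     # "user", "assumed-role", "federated-user" or "root"
    name: str     # IAM user name, role name or federated user name
    session: str  # role session name; empty unless kind == "assumed-role"


def parse_caller_arn(arn: str) -> Caller:
    """Classify the Arn field returned by sts:GetCallerIdentity."""
    parts = arn.split(":", 5)
    if len(parts) != 6 or parts[0] != "arn" or parts[2] not in ("iam", "sts"):
        raise ValueError(f"not an IAM/STS principal ARN: {arn!r}")
    account, resource = parts[4], parts[5]
    if resource == "root":
        return Caller(account, "root", "root", "")
    kind, _, path = resource.partition("/")
    if kind == "user" and path:
        # IAM user ARNs may carry a path prefix, e.g. user/division/bob
        return Caller(account, kind, path.rsplit("/", 1)[-1], "")
    if kind == "federated-user" and path:
        return Caller(account, kind, path, "")
    if kind == "assumed-role":
        # Temporary credentials: assumed-role/<role-name>/<session-name>
        role, _, session = path.partition("/")
        if role and session:
            return Caller(account, kind, role, session)
    raise ValueError(f"unrecognised principal in ARN: {arn!r}")


def get_caller(profile_name=None) -> Caller:
    """Identify the caller without iam:GetUser.

    GetUser with no UserName only works for IAM user credentials;
    GetCallerIdentity needs no IAM permissions and accepts any credential type.
    """
    import boto3  # lazy import so parse_caller_arn is usable without the SDK

    session = boto3.Session(profile_name=profile_name)
    identity = session.client("sts").get_caller_identity()
    return parse_caller_arn(identity["Arn"])
```

With the profile from the report, `get_caller("learn")` would return a `Caller` of kind `assumed-role` instead of raising the `ValidationError`.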
