Forums

Articles
Create
cancel
Showing results for 
Search instead for 
Did you mean: 

Getting "Invalid length for parameter WebIdentityToken, value: 1, using Open ID Connect

Saad Jahan
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
February 12, 2024

I want to trigger the AWS backup service whenever the Bitbucket pipeline runs and i am using Open ID connect and it works well for deployment on S3 and Elastic Beanstalk as the backend
currently, I am using the same IAM Role: AWS_OIDC_ROLE_ARN to trigger the AWS Backup service and also created a lambda function to trigger the AWS backup service when Bitbucket triggers lambda,.
Both approaches got the same error 

Parameter validation failed:
4
Invalid length for parameter WebIdentityToken, value: 1, valid min length: 4

 and it's due to the Open ID connect approach, how to resolve this issue 

here is my script 

pipelines:
default:
- step:
name: Install AWS CLI v2 and Invoke Lambda
image: node:16
script:
- curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
- unzip awscliv2.zip
- ./aws/install
- aws --version
# Set up the environment for Lambda invocation
- export AWS_REGION=ca-central-1
- export AWS_ROLE_ARN=arn:aws:iam::468973563763:role/BitBucket-access-Role-EB-deploy
- export AWS_WEB_IDENTITY_TOKEN_FILE=$(pwd)/web-identity-token
- echo $BITBUCKET_STEP_OIDC_TOKEN > $AWS_WEB_IDENTITY_TOKEN_FILE
- echo "$BITBUCKET_STEP_OIDC_TOKEN" | wc -m
- echo "$BITBUCKET_STEP_OIDC_TOKEN" > $AWS_WEB_IDENTITY_TOKEN_FILE
- cat $AWS_WEB_IDENTITY_TOKEN_FILE # Check the content of the token
- cat $AWS_WEB_IDENTITY_TOKEN_FILE # Check the content of the token
- unset AWS_ACCESS_KEY_ID
- unset AWS_SECRET_ACCESS_KEY
# Invoke the Lambda function
- aws lambda invoke --function-name Custom_RDS_Backup_using_AWS_CODEPIPELINE --invocation-type Event --payload '{"key":"value"}' --region $AWS_REGION response.json

1 answer

1 vote
Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
February 14, 2024

Hi Saad and welcome to the community!

I noticed that your step doesn't have OIDC enabled. Can you try adding

oidc: true

in the step and then run another build?

You can check the example bitbucket-pipelines.yml file on this page:

Kind regards,
Theodora

Abhinay Sutrakar August 28, 2024

Hi,

We are still facing even the oidc:flag is true

Theodora Boudale
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 2, 2024

Hi Abhinay,

Please create a support ticket and provide the URL of the Pipelines build with this error for further investigation. The support ticket will be visible to you and Atlassian staff, so anything you post there won't be publicly visible.

You can create a ticket via https://support.atlassian.com/contact/#/, in "What can we help you with?" select "Technical issues and bugs" and then Bitbucket Cloud as product. When you are asked to provide the workspace URL, please make sure you enter the URL of the workspace that is on a paid billing plan to proceed with ticket creation.

Kind regards,
Theodora

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
TAGS
AUG Leaders

Atlassian Community Events