aws dsql generate-db-connect-admin-auth-token not validating AWS profile and hostname #9840
Closed as not planned
Description
Describe the bug
aws dsql generate-db-connect-admin-auth-token \
--hostname <hostname> \
--port 5432 \
--region <region> \
Regression Issue
- Select this option if this issue appears to be a regression.
Expected Behavior
the command succeeds even when hostname is wrong eg : "abc" and without aws prodile setup which is very confusing. I was expecting some error like:
- the specified --profile does not exist or has invalid credentials, or
- the provided --hostname is incorrect or not associated with any valid DSQL instance
Current Behavior
It gave me token like this which is wrong.
aws dsql generate-db-connect-admin-auth-token --expires-in 3600 --region us-east-1 --hostname 72
output:
72/?Action=DbConnectAdmin&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAUN23WIZDHAGYPTMW%2F20251108%2Fus-east-1%2Fdsql%2Faws4_request&X-Amz-Date=20251108T193523Z&X-Amz-Expires=3600&X-Amz-SignedHeaders=host&X-Amz-Signature=115fe5272581bf32be3f7dcd3347f72d86db46dca84044273be96709d67dfb5e
Reproduction Steps
Just run this command with wrong hostname or with out even setting up aws profile.
aws dsql generate-db-connect-admin-auth-token --expires-in 3600 --region us-east-1 --hostname 72
Possible Solution
No response
Additional Information/Context
No response
CLI version used
aws-cli/2.28.21 Python/3.13.7 Darwin/25.1.0 exe/x86_64
Environment details (OS name and version, etc.)
mac OS, Tahoe 26.1