AWS_EXECUTION_ENV not propagated when executing shell scripts containing AWS CLI commands #2423
Description
Describe the bug
When executing shell scripts that contain AWS CLI commands through Amazon Q Developer IDE, the AWS_EXECUTION_ENV environment variable is not set, resulting in CloudTrail logs missing the AmazonQ-For-IDE identifier in the userAgent field.
PR #2059 added logic to set AWS_EXECUTION_ENV when the command string contains aws , but this detection fails for shell scripts because the command is the script path (e.g., bash ./test.sh), not the AWS CLI command itself.
To reproduce
- Create a shell script with AWS CLI commands:
#!/bin/bash
aws s3 ls-
Execute the script through Amazon Q Developer IDE
-
Check CloudTrail logs for the API call
-
Observe that the userAgent does not contain
exec-env/AmazonQ-For-IDE
Expected behavior
CloudTrail userAgent should include exec-env/AmazonQ-For-IDE Version/{version} similar to how amazon-q-developer-cli works:
userAgent: "[aws-cli/2.25.4 ... exec-env/AmazonQ-For-CLI-Version-1.18.1 ...]"
Actual behavior
CloudTrail userAgent does not include the identifier:
userAgent: "[aws-cli/2.25.4 ... md/command#s3.ls]"
Your Environment
- OS: macOS Sequoia ver. 15.7.1
- AWS CLI: aws-cli/2.25.4 Python/3.12.9 Darwin/24.6.0 exe/x86_64
- Amazon Q Developer IDE VSCode Extention: 1.99.0
Additional context
The current implementation in executeBash.ts only sets AWS_EXECUTION_ENV when params.command.includes('aws ') is true. This works for direct AWS CLI commands but fails for shell scripts.
Suggested fix: Always set AWS_EXECUTION_ENV for all command executions, as shell scripts may contain AWS CLI commands that we cannot detect by inspecting the command string alone. This approach is consistent with amazon-q-developer-cli's implementation.