AWS Toolkit tasks blocked by custom task whitelist in Azure DevOps organization

[pfilbin90]

Describe the bug

My pipelines in Azure DevOps can't use a specific task from the "AWS Toolkit for Azure DevOps" extension. I get an error saying the tasks aren't allowed. The specific task I need is "InstallAWSCredentials@1" so that I can authenticate a bash script into AWS using an ADO Service Connection. Multiple LLMs have suggested this task to accomplish what I need (though I can't find any documentation on it... is it an actual task?). The FQDN of the task would be AmazonWebServices.aws-vsts-tools.InstallAWSCredentials@1.

The reason I'm trying this is because I originally tried:

    - task: AWSShellScript@1
      displayName: "Restart services via SSM for ${{ parameters.environment }}"
      inputs:
        awsCredentials: '$(awsCredentials)'

This method just hung, however, and failed to ever get to the actual script. The log output was the following (until I cancelled):

Configuring credentials for task
...configuring AWS credentials from service endpoint '**guid**'
...configuring AWS credentials from service endpoint '**guid**'
Skipping OIDC: not enabled in service connections
...configuring AWS credentials from service endpoint '**guid**'
...endpoint defines standard access/secret key credentials
Configuring region for task
...configured to use region us-east-1, defined in task.
/usr/bin/bash

To reproduce

1. I have the "AWS Toolkit for Azure DevOps" extension installed (version 1.20.0).
2. I try to create or edit a pipeline and the following task InstallAWSCredentials@1.
3. When I try to save or run the pipeline, I see an error message.

Expected behavior

The pipeline should accept the AWS task and let me save/run the pipeline without any errors about "invalid" tasks.

Screenshots

• AWS Toolkit installed:

• Pipeline error: - Org not recognizing task

Your Environment

• Where is your Azure DevOps?: It's the cloud version (Azure DevOps Services).
• Azure DevOps version: It's always up-to-date since it's the cloud version.
• AWS Toolkit for Azure DevOps version: 1.20.0 (This is the latest version, updated March 19, 2025).

Additional context

• I'm the main admin for my Azure DevOps setup.
• I can't see an option called "Decorators" in my Azure DevOps settings, which usually helps manage these kinds of rules.
• I also tried to check for decorators using a special command (an API call), but it told me the tool for checking decorators wasn't found or wasn't turned on for my account. This means the rules blocking AWS tasks aren't managed in the usual way.
• Azure DevOps support told me they don't help directly with extensions from their marketplace, so I'm coming to you.