Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SDK config differs from AWS cli tool #384

Closed
mtibben opened this issue Sep 17, 2015 · 16 comments
Closed

SDK config differs from AWS cli tool #384

mtibben opened this issue Sep 17, 2015 · 16 comments
Labels
feature-request A feature should be added or improved.

Comments

@mtibben
Copy link

mtibben commented Sep 17, 2015

The AWS CLI tool stores the configured region in ~/.aws/config, however the golang SDK does not read it. For example, the config file might specify the region with

[default]
region = us-east-1

So when using the env var AWS_SHARED_CREDENTIALS_FILE=~/.aws/config, the default region actually comes from AWS_REGION instead. I understand the credentials file is different to the config file, but still it would be nice if the SDK and CLI were able to share config

Secondly, I noticed the SDK reads AWS_PROFILE and AWS_REGION instead of AWS_DEFAULT_PROFILE and AWS_DEFAULT_REGION as the cli tool does.

Again I can understand why things have been done this way - but is it necessary to have these differing ways to configure AWS tools? It would be easier if there was consistency.

@jasdel
Copy link
Contributor

jasdel commented Sep 18, 2015

Hi @mtibben thanks for posting this issue. Correct the Go SDK only supports the credentials file not the AWS CLI's config file. I'll mark this as a feature request were we could add support for the CLI specific configuration options.

@jasdel jasdel added the feature-request A feature should be added or improved. label Sep 18, 2015
@wt
Copy link

wt commented Oct 16, 2015

Here's the doc for the CLI tool:
http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html#cli-multiple-profiles

Any chance that those env vars could be consulted as well?

@jasdel
Copy link
Contributor

jasdel commented Oct 16, 2015

Other than the CLI config, the only environment vars the Go SDK doesn't support which the CLI is AWS_DEFAULT_REGION and AWS_DEFAULT_PROFILE in the SDKs these are AWS_REGION, AWS_PROFILE.

It should be noted though that adding support for these two additional environment configuration values would introduce breaking changes into the SDK.

@phoolish
Copy link

phoolish commented Dec 7, 2015

I might add that it would be helpful to have cross account role support as defined in this blog post.

@jasdel
Copy link
Contributor

jasdel commented Dec 8, 2015

Thanks for the suggestion @phoolish This is a nice feature of the CLI and would add nice functionality. I think you're able to do this now with the Go SDK but it requires a bit of manual process. Having this built in would be helpful. We're always looking for new features and PR, if you'd like to take a look at how this could be added to the SDK we'd be more than glad to review it. If you do, please create an additional issue so we can track that feature separately.

@phoolish
Copy link

phoolish commented Dec 8, 2015

Don't know too much go, but I was looking for a holiday project.

@smile-on
Copy link

smile-on commented Jan 8, 2016

@jasdel This issue with sdk ignoring shared config may be very annoying to anyone who uses aws sdk in the project that more than just a toy. It seams natural for integration tests to use connectivity config stored at the server in shared location and that would run into the limitation issue.

I'd like to make simple patch to aws-sdk-go that would allows sdk to read region from shared config if no value is given explicitly in code (as mentioned in #489). This is much simpler functionality and easy to test scope that this #384. The most importantly it helps in running practical integration test that share both credentials and config with CLI tools on the server. Would such simple patch be considered as a pool request or there is a plan for something bigger?

@jasdel
Copy link
Contributor

jasdel commented Jan 8, 2016

@smile-on Thanks for looking into this. We haven't added because we need to determine, if the SDKs were to support the CLI's config file, dhow far to go with the integration. Generally the region and credentials are helpful because it is an obvious configuration value which applies to all the SDK's and CLI. But the majority of the CLI's config file is specific to the CLI and its features.

In addition any change we make to how the SDK sources its configuration will need to backwards compatible. This most likely will mean loading a configuration from an additional source will need to be an opt-in process. Either through a flag in code or or environmental variable so that it does not automatically enable unexpectedly.

@Bowbaq
Copy link

Bowbaq commented Mar 4, 2016

Ran into this a few days ago, so I wrote a provider that reads from the CLI config file

@temujin9
Copy link

temujin9 commented Jul 2, 2016

@jasdel Have any decisions been made on priority for this? Its lack blocks a rather large chunk of my upcoming work.

@jasdel
Copy link
Contributor

jasdel commented Jul 7, 2016

Hi i'm starting to look at implementing this feature. Support for this feature would need to be opt so not to unexpectedly break user application's. Users should be able to opt into this feature vai an env var, and via in code configuration.

@jasdel jasdel added the investigating This issue is being investigated and/or work is in progress to resolve the issue. label Jul 7, 2016
@temujin9
Copy link

temujin9 commented Jul 8, 2016

https://github.com/Bowbaq/profilecreds has worked as a workaround: I would recommend it as a stepping-off point.

jasdel added a commit to jasdel/aws-sdk-go that referenced this issue Jul 18, 2016
Adds opt-in support for loading the SDK's configuration from the shared
config file (~/.aws/config) in addition to the current shared configuration
file (~/.aws/credentials). This option can be enabled with the env var
`AWS_SDK_LOAD_CONFIG` set to a truthy value, or creating a session with the
`session.NewFromSharedConfig()` helper instead of `session.New()`.

In addition to loading from the shared config file the SDK will also now
load region from the shared credentials file when the share config is
enabled. This changes also treats the syntax of both shared config and
credentials as the same.

See the session package for more information and examples.

Adds shared config support for aws#384
@jasdel
Copy link
Contributor

jasdel commented Jul 18, 2016

Thanks for the link @mtibben I've created a PR #761 which is the initial step to update the SDK to load configuration from the shared config file (/.aws/config) in addition to the shared credentials file (/.aws/credentials). I'm working on the Assume Role work now, and will update the PR once that work is ready.

jasdel added a commit to jasdel/aws-sdk-go that referenced this issue Jul 18, 2016
Adds opt-in support for loading the SDK's configuration from the shared
config file (~/.aws/config) in addition to the current shared configuration
file (~/.aws/credentials). This option can be enabled with the env var
`AWS_SDK_LOAD_CONFIG` set to a truthy value, or creating a session with the
`session.NewFromSharedConfig()` helper instead of `session.New()`.

In addition to loading from the shared config file the SDK will also now
load region from the shared credentials file when the share config is
enabled. This changes also treats the syntax of both shared config and
credentials as the same.

See the session package for more information and examples.

Adds shared config support for aws#384
jasdel added a commit to jasdel/aws-sdk-go that referenced this issue Jul 21, 2016
Adds opt-in support for loading the SDK's configuration from the shared
config file (~/.aws/config) in addition to the current shared configuration
file (~/.aws/credentials). This option can be enabled with the env var
`AWS_SDK_LOAD_CONFIG` set to a truthy value, or creating a session with the
`session.NewFromSharedConfig()` helper instead of `session.New()`.

In addition to loading from the shared config file the SDK will also now
load region from the shared credentials file when the share config is
enabled. This changes also treats the syntax of both shared config and
credentials as the same.

See the session package for more information and examples.

Adds shared config support for aws#384
jasdel added a commit to jasdel/aws-sdk-go that referenced this issue Jul 25, 2016
Adds opt-in support for loading the SDK's configuration from the shared
config file (~/.aws/config) in addition to the current shared configuration
file (~/.aws/credentials). This option can be enabled with the env var
`AWS_SDK_LOAD_CONFIG` set to a truthy value, or creating a session with the
`session.NewFromSharedConfig()` helper instead of `session.New()`.

In addition to loading from the shared config file the SDK will also now
load region from the shared credentials file when the share config is
enabled. This changes also treats the syntax of both shared config and
credentials as the same.

See the session package for more information and examples.

Adds shared config support for aws#384
jasdel added a commit to jasdel/aws-sdk-go that referenced this issue Jul 26, 2016
Adds opt-in support for loading the SDK's configuration from the shared
config file (~/.aws/config) in addition to the current shared configuration
file (~/.aws/credentials). This option can be enabled with the env var
`AWS_SDK_LOAD_CONFIG` set to a truthy value, or creating a session with the
`session.NewFromSharedConfig()` helper instead of `session.New()`.

In addition to loading from the shared config file the SDK will also now
load region from the shared credentials file when the share config is
enabled. This changes also treats the syntax of both shared config and
credentials as the same.

See the session package for more information and examples.

Adds shared config support for aws#384
@jasdel
Copy link
Contributor

jasdel commented Jul 26, 2016

Hi all I've created PR #761 which adds support for reading the shared config file to the SDK, in addition to assume role from a profile in the SDK's default credential chain.

I'm looking to gather any feedback about the change.

jasdel added a commit to jasdel/aws-sdk-go that referenced this issue Jul 29, 2016
Adds opt-in support for loading the SDK's configuration from the shared
config file (~/.aws/config) in addition to the current shared configuration
file (~/.aws/credentials). This option can be enabled with the env var
`AWS_SDK_LOAD_CONFIG` set to a truthy value, or creating a session with the
`session.NewFromSharedConfig()` helper instead of `session.New()`.

In addition to loading from the shared config file the SDK will also now
load region from the shared credentials file when the share config is
enabled. This changes also treats the syntax of both shared config and
credentials as the same.

See the session package for more information and examples.

Adds shared config support for aws#384
jasdel added a commit to jasdel/aws-sdk-go that referenced this issue Jul 29, 2016
Adds opt-in support for loading the SDK's configuration from the shared
config file (~/.aws/config) in addition to the current shared configuration
file (~/.aws/credentials). This option can be enabled with the env var
`AWS_SDK_LOAD_CONFIG` set to a truthy value, or creating a session with the
`session.NewFromSharedConfig()` helper instead of `session.New()`.

In addition to loading from the shared config file the SDK will also now
load region from the shared credentials file when the share config is
enabled. This changes also treats the syntax of both shared config and
credentials as the same.

See the session package for more information and examples.

Adds shared config support for aws#384
@mtibben
Copy link
Author

mtibben commented Aug 1, 2016

Hey thanks @jasdel, to be honest I can't remember the exact use-case I was having issues with when reporting this bug, but these days I'm using https://github.com/99designs/aws-vault which automatically sets all the potential environment variables like AWS_REGION and AWS_DEFAULT_REGION based on the ~/.aws/config. This has been working quite nicely for some time.

This work is certainly appreciated however, hopefully it leads to a smoother UX when using the SDK! Thanks!

jasdel added a commit that referenced this issue Aug 2, 2016
aws/session: Add support for shared config (~/.aws/config) file

Fix #384
@jasdel
Copy link
Contributor

jasdel commented Aug 2, 2016

Thanks for the update, and link @mtibben! I've merged in the change that implements the shared config with assume role support.

Let us know if you have any issues or additional feedback.

@jasdel jasdel removed the investigating This issue is being investigated and/or work is in progress to resolve the issue. label Aug 2, 2016
jasdel added a commit that referenced this issue Aug 2, 2016
skotambkar added a commit to skotambkar/aws-sdk-go that referenced this issue May 20, 2021
Ports v1 SDK's retry utilities to follow a consistent code path. aws.IsErrorRetryable is the primary entry point to determine if a request is retryable. Also ports support for service/kinesis to retry service specific API errors . Corrects sdk's behavior by not retrying errors with status code 501.

Related to aws#2744, aws#2774, aws#2751 and aws#1826

Fixes aws#372; Fixes aws#145
skotambkar added a commit to skotambkar/aws-sdk-go that referenced this issue May 20, 2021
Services
---
* Synced the V2 SDK with latest AWS service API definitions.

SDK Enhancements
---
* `aws/endpoints`: Expose DNSSuffix for partitions ([aws#369](aws/aws-sdk-go-v2#369))
  * Exposes the underlying partition metadata's DNSSuffix value via the `DNSSuffix` method on the endpoint's `Partition` type. This allows access to the partition's DNS suffix, e.g. "amazon.com".
  * Fixes [aws#347](aws/aws-sdk-go-v2#347)
* `private/protocol`: Add support for parsing fractional timestamp ([aws#367](aws/aws-sdk-go-v2#367))
  * Fixes the SDK's ability to parse fractional unix timestamp values and adds tests.
  * Fixes [aws#365](aws/aws-sdk-go-v2#365)
* `aws/ec2metadata`: Add marketplaceProductCodes to EC2 Instance Identity Document ([aws#374](aws/aws-sdk-go-v2#374))
  * Adds `MarketplaceProductCodes` to the EC2 Instance Metadata's Identity Document. The ec2metadata client will now retrieve these values if they are available.
  * Related to: [aws#2781](aws#2781)
* `aws`: Adds configurations to the default retryer ([aws#375](aws/aws-sdk-go-v2#375))
  * Provides more customization options for retryer by adding a constructor for default Retryer which accepts functional options. Adds NoOpRetryer to support no retry behavior. Exposes members of default retryer.
  * Updates the underlying logic used by the default retryer to calculate jittered delay for retry. Handles int overflow for retry delay.
  * Fixes [aws#370](aws/aws-sdk-go-v2#370)
* `aws` : Refactors request retry behavior path logic ([aws#384](aws/aws-sdk-go-v2#384))
  * Retry utilities now follow a consistent code path. aws.IsErrorRetryable is the primary entry point to determine if a request is retryable.
  * Corrects sdk's behavior by not retrying errors with status code 501. Adds support for retrying the Kinesis API error, LimitExceededException.
  * Fixes [aws#372](aws/aws-sdk-go-v2#372), [aws#145](aws/aws-sdk-go-v2#145)

SDK Bugs
---
* `aws`: Fixes bug in calculating throttled retry delay ([aws#373](aws/aws-sdk-go-v2#373))
  * The `Retry-After` duration specified in the request is now added to the Retry delay for throttled exception. Adds test for retry delays for throttled exceptions. Fixes bug where the throttled retry's math was off.
  * Fixes [aws#45](aws/aws-sdk-go-v2#45)
* `aws` : Adds missing sdk error checking when seeking readers ([aws#379](aws/aws-sdk-go-v2#379))
  * Adds support for nonseekable io.Reader. Adds support for streamed payloads for unsigned body request.
  * Fixes [aws#371](aws/aws-sdk-go-v2#371)
* `service/s3` : Fixes unexpected EOF error by s3manager ([aws#386](aws/aws-sdk-go-v2#386))
  * Fixes bug which threw unexpected EOF error when s3 upload is performed for a file of maximum allowed size
  * Fixes [aws#316](aws/aws-sdk-go-v2#316)
* `private/model` : Fixes generated API Reference docs links being invalid ([387](aws/aws-sdk-go-v2#387))
  * Fixes [aws#327](aws/aws-sdk-go-v2#327)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
feature-request A feature should be added or improved.
Projects
None yet
Development

No branches or pull requests

7 participants