-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SDK config differs from AWS cli tool #384
Comments
Hi @mtibben thanks for posting this issue. Correct the Go SDK only supports the |
Here's the doc for the CLI tool: Any chance that those env vars could be consulted as well? |
Other than the CLI config, the only environment vars the Go SDK doesn't support which the CLI is It should be noted though that adding support for these two additional environment configuration values would introduce breaking changes into the SDK. |
I might add that it would be helpful to have cross account role support as defined in this blog post. |
Thanks for the suggestion @phoolish This is a nice feature of the CLI and would add nice functionality. I think you're able to do this now with the Go SDK but it requires a bit of manual process. Having this built in would be helpful. We're always looking for new features and PR, if you'd like to take a look at how this could be added to the SDK we'd be more than glad to review it. If you do, please create an additional issue so we can track that feature separately. |
Don't know too much go, but I was looking for a holiday project. |
@jasdel This issue with sdk ignoring shared config may be very annoying to anyone who uses aws sdk in the project that more than just a toy. It seams natural for integration tests to use connectivity config stored at the server in shared location and that would run into the limitation issue. I'd like to make simple patch to aws-sdk-go that would allows sdk to read region from shared config if no value is given explicitly in code (as mentioned in #489). This is much simpler functionality and easy to test scope that this #384. The most importantly it helps in running practical integration test that share both credentials and config with CLI tools on the server. Would such simple patch be considered as a pool request or there is a plan for something bigger? |
@smile-on Thanks for looking into this. We haven't added because we need to determine, if the SDKs were to support the CLI's config file, dhow far to go with the integration. Generally the region and credentials are helpful because it is an obvious configuration value which applies to all the SDK's and CLI. But the majority of the CLI's config file is specific to the CLI and its features. In addition any change we make to how the SDK sources its configuration will need to backwards compatible. This most likely will mean loading a configuration from an additional source will need to be an opt-in process. Either through a flag in code or or environmental variable so that it does not automatically enable unexpectedly. |
Ran into this a few days ago, so I wrote a provider that reads from the CLI config file |
@jasdel Have any decisions been made on priority for this? Its lack blocks a rather large chunk of my upcoming work. |
Hi i'm starting to look at implementing this feature. Support for this feature would need to be opt so not to unexpectedly break user application's. Users should be able to opt into this feature vai an env var, and via in code configuration. |
https://github.com/Bowbaq/profilecreds has worked as a workaround: I would recommend it as a stepping-off point. |
Adds opt-in support for loading the SDK's configuration from the shared config file (~/.aws/config) in addition to the current shared configuration file (~/.aws/credentials). This option can be enabled with the env var `AWS_SDK_LOAD_CONFIG` set to a truthy value, or creating a session with the `session.NewFromSharedConfig()` helper instead of `session.New()`. In addition to loading from the shared config file the SDK will also now load region from the shared credentials file when the share config is enabled. This changes also treats the syntax of both shared config and credentials as the same. See the session package for more information and examples. Adds shared config support for aws#384
Thanks for the link @mtibben I've created a PR #761 which is the initial step to update the SDK to load configuration from the shared config file ( |
Adds opt-in support for loading the SDK's configuration from the shared config file (~/.aws/config) in addition to the current shared configuration file (~/.aws/credentials). This option can be enabled with the env var `AWS_SDK_LOAD_CONFIG` set to a truthy value, or creating a session with the `session.NewFromSharedConfig()` helper instead of `session.New()`. In addition to loading from the shared config file the SDK will also now load region from the shared credentials file when the share config is enabled. This changes also treats the syntax of both shared config and credentials as the same. See the session package for more information and examples. Adds shared config support for aws#384
Adds opt-in support for loading the SDK's configuration from the shared config file (~/.aws/config) in addition to the current shared configuration file (~/.aws/credentials). This option can be enabled with the env var `AWS_SDK_LOAD_CONFIG` set to a truthy value, or creating a session with the `session.NewFromSharedConfig()` helper instead of `session.New()`. In addition to loading from the shared config file the SDK will also now load region from the shared credentials file when the share config is enabled. This changes also treats the syntax of both shared config and credentials as the same. See the session package for more information and examples. Adds shared config support for aws#384
Adds opt-in support for loading the SDK's configuration from the shared config file (~/.aws/config) in addition to the current shared configuration file (~/.aws/credentials). This option can be enabled with the env var `AWS_SDK_LOAD_CONFIG` set to a truthy value, or creating a session with the `session.NewFromSharedConfig()` helper instead of `session.New()`. In addition to loading from the shared config file the SDK will also now load region from the shared credentials file when the share config is enabled. This changes also treats the syntax of both shared config and credentials as the same. See the session package for more information and examples. Adds shared config support for aws#384
Adds opt-in support for loading the SDK's configuration from the shared config file (~/.aws/config) in addition to the current shared configuration file (~/.aws/credentials). This option can be enabled with the env var `AWS_SDK_LOAD_CONFIG` set to a truthy value, or creating a session with the `session.NewFromSharedConfig()` helper instead of `session.New()`. In addition to loading from the shared config file the SDK will also now load region from the shared credentials file when the share config is enabled. This changes also treats the syntax of both shared config and credentials as the same. See the session package for more information and examples. Adds shared config support for aws#384
Hi all I've created PR #761 which adds support for reading the shared config file to the SDK, in addition to assume role from a profile in the SDK's default credential chain. I'm looking to gather any feedback about the change. |
Adds opt-in support for loading the SDK's configuration from the shared config file (~/.aws/config) in addition to the current shared configuration file (~/.aws/credentials). This option can be enabled with the env var `AWS_SDK_LOAD_CONFIG` set to a truthy value, or creating a session with the `session.NewFromSharedConfig()` helper instead of `session.New()`. In addition to loading from the shared config file the SDK will also now load region from the shared credentials file when the share config is enabled. This changes also treats the syntax of both shared config and credentials as the same. See the session package for more information and examples. Adds shared config support for aws#384
Adds opt-in support for loading the SDK's configuration from the shared config file (~/.aws/config) in addition to the current shared configuration file (~/.aws/credentials). This option can be enabled with the env var `AWS_SDK_LOAD_CONFIG` set to a truthy value, or creating a session with the `session.NewFromSharedConfig()` helper instead of `session.New()`. In addition to loading from the shared config file the SDK will also now load region from the shared credentials file when the share config is enabled. This changes also treats the syntax of both shared config and credentials as the same. See the session package for more information and examples. Adds shared config support for aws#384
Hey thanks @jasdel, to be honest I can't remember the exact use-case I was having issues with when reporting this bug, but these days I'm using https://github.com/99designs/aws-vault which automatically sets all the potential environment variables like This work is certainly appreciated however, hopefully it leads to a smoother UX when using the SDK! Thanks! |
aws/session: Add support for shared config (~/.aws/config) file Fix #384
Thanks for the update, and link @mtibben! I've merged in the change that implements the shared config with assume role support. Let us know if you have any issues or additional feedback. |
Ports v1 SDK's retry utilities to follow a consistent code path. aws.IsErrorRetryable is the primary entry point to determine if a request is retryable. Also ports support for service/kinesis to retry service specific API errors . Corrects sdk's behavior by not retrying errors with status code 501. Related to aws#2744, aws#2774, aws#2751 and aws#1826 Fixes aws#372; Fixes aws#145
Services --- * Synced the V2 SDK with latest AWS service API definitions. SDK Enhancements --- * `aws/endpoints`: Expose DNSSuffix for partitions ([aws#369](aws/aws-sdk-go-v2#369)) * Exposes the underlying partition metadata's DNSSuffix value via the `DNSSuffix` method on the endpoint's `Partition` type. This allows access to the partition's DNS suffix, e.g. "amazon.com". * Fixes [aws#347](aws/aws-sdk-go-v2#347) * `private/protocol`: Add support for parsing fractional timestamp ([aws#367](aws/aws-sdk-go-v2#367)) * Fixes the SDK's ability to parse fractional unix timestamp values and adds tests. * Fixes [aws#365](aws/aws-sdk-go-v2#365) * `aws/ec2metadata`: Add marketplaceProductCodes to EC2 Instance Identity Document ([aws#374](aws/aws-sdk-go-v2#374)) * Adds `MarketplaceProductCodes` to the EC2 Instance Metadata's Identity Document. The ec2metadata client will now retrieve these values if they are available. * Related to: [aws#2781](aws#2781) * `aws`: Adds configurations to the default retryer ([aws#375](aws/aws-sdk-go-v2#375)) * Provides more customization options for retryer by adding a constructor for default Retryer which accepts functional options. Adds NoOpRetryer to support no retry behavior. Exposes members of default retryer. * Updates the underlying logic used by the default retryer to calculate jittered delay for retry. Handles int overflow for retry delay. * Fixes [aws#370](aws/aws-sdk-go-v2#370) * `aws` : Refactors request retry behavior path logic ([aws#384](aws/aws-sdk-go-v2#384)) * Retry utilities now follow a consistent code path. aws.IsErrorRetryable is the primary entry point to determine if a request is retryable. * Corrects sdk's behavior by not retrying errors with status code 501. Adds support for retrying the Kinesis API error, LimitExceededException. * Fixes [aws#372](aws/aws-sdk-go-v2#372), [aws#145](aws/aws-sdk-go-v2#145) SDK Bugs --- * `aws`: Fixes bug in calculating throttled retry delay ([aws#373](aws/aws-sdk-go-v2#373)) * The `Retry-After` duration specified in the request is now added to the Retry delay for throttled exception. Adds test for retry delays for throttled exceptions. Fixes bug where the throttled retry's math was off. * Fixes [aws#45](aws/aws-sdk-go-v2#45) * `aws` : Adds missing sdk error checking when seeking readers ([aws#379](aws/aws-sdk-go-v2#379)) * Adds support for nonseekable io.Reader. Adds support for streamed payloads for unsigned body request. * Fixes [aws#371](aws/aws-sdk-go-v2#371) * `service/s3` : Fixes unexpected EOF error by s3manager ([aws#386](aws/aws-sdk-go-v2#386)) * Fixes bug which threw unexpected EOF error when s3 upload is performed for a file of maximum allowed size * Fixes [aws#316](aws/aws-sdk-go-v2#316) * `private/model` : Fixes generated API Reference docs links being invalid ([387](aws/aws-sdk-go-v2#387)) * Fixes [aws#327](aws/aws-sdk-go-v2#327)
The AWS CLI tool stores the configured region in
~/.aws/config
, however the golang SDK does not read it. For example, the config file might specify the region withSo when using the env var
AWS_SHARED_CREDENTIALS_FILE=~/.aws/config
, the default region actually comes fromAWS_REGION
instead. I understand the credentials file is different to the config file, but still it would be nice if the SDK and CLI were able to share configSecondly, I noticed the SDK reads
AWS_PROFILE
andAWS_REGION
instead ofAWS_DEFAULT_PROFILE
andAWS_DEFAULT_REGION
as the cli tool does.Again I can understand why things have been done this way - but is it necessary to have these differing ways to configure AWS tools? It would be easier if there was consistency.
The text was updated successfully, but these errors were encountered: