From eb90457223b065e80e8f0e7d5e25c6ba18c3910f Mon Sep 17 00:00:00 2001
From: Clint Shryock <clint@ctshryock.com>
Date: Fri, 7 Aug 2015 11:55:44 -0500
Subject: [PATCH] guard on both accessdenied (no IAM policy) and
 validationerror (no username specified)

---
 builtin/providers/aws/config.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/builtin/providers/aws/config.go b/builtin/providers/aws/config.go
index 393753115360..0cdcd90ddc85 100644
--- a/builtin/providers/aws/config.go
+++ b/builtin/providers/aws/config.go
@@ -188,7 +188,7 @@ func (c *Config) ValidateCredentials(iamconn *iam.IAM) error {
 
 	if awsErr, ok := err.(awserr.Error); ok {
 
-		if awsErr.Code() == "AccessDenied" {
+		if awsErr.Code() == "AccessDenied" || awsErr.Code() == "ValidationError" {
 			log.Printf("[WARN] AccessDenied Error with iam.GetUser, assuming IAM profile")
 			// User may be an IAM instance profile, or otherwise IAM role without the
 			// GetUser permissions, so fail silently