goofys not compatible with imds v2 #727
Comments
|
The latest code in master already support IMDSv2, but you will have to build it yourself. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi,
it looks like goofys is not compatible with aws imdsv2 to access ec2 instance metadata.
as a result it can be used on an instance with imds v2 enforced.
the goal is to use a profile to assume a role by using ec2 instance metadata to access a s3 bucket with a credentials file like this :
[default]
region=eu-west-1
[test_profile]
role_arn =
credential_source = Ec2InstanceMetadata
region = eu-west-1
=> /usr/local/bin/goofys --region eu-west-1 --profile cdh cdh-testairflow-786117 /testairflow
give the following error in /var/log/messages :
Oct 21 10:17:20 ip-10-154-192-94 /usr/local/bin/goofys[3117]: s3.ERROR code=EC2RoleRequestError msg=no EC2 instance role found, err=EC2MetadataError: failed to make EC2Metadata request#012caused by:
Please note that If i don't specify any profile (so using default) i have the following error :
Oct 21 10:22:16 ip-10-154-192-94 /usr/local/bin/goofys[3182]: s3.ERROR code=NoCredentialProviders msg=no valid providers in chain. Deprecated.#12#011For verbose messaging see aws.Config.CredentialsChainVerboseErrors, err=
the only way to make goofys work on my ec2 is to add access_key, secret_key and session_token in the credentials file (so need to update it every hour).
Regards,
The text was updated successfully, but these errors were encountered: