Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fog::Compute::AWS::Error: AuthFailure #394

Closed
mgdevstack opened this issue Dec 8, 2015 · 10 comments
Closed

Fog::Compute::AWS::Error: AuthFailure #394

mgdevstack opened this issue Dec 8, 2015 · 10 comments

Comments

@mgdevstack
Copy link

chef exec gem install knife-ec2

Fetching: fog-1.29.0.gem (100%)
Successfully installed fog-1.29.0
Fetching: knife-ec2-0.12.0.gem (100%)
Successfully installed knife-ec2-0.12.0
2 gems installed

chef exec knife ec2 server list | wc -l

WARNING: No region was specified in knife.rb or as an argument. The default region, us-east-1, will be used:
ERROR: Fog::Compute::AWS::Error: AuthFailure => AWS was not able to validate the provided access credentials

Correct credential are used in below setting
knife[:aws_access_key_id] = "Your AWS Access Key ID"
knife[:aws_secret_access_key] = "Your AWS Secret Access Key"
or
knife[:aws_credential_file] = "/path/to/credentials/file"

But still Fog authFailure is occuring.

Please suggest some solution or Is there any dependency issue persist related to fog?
@NimishaS
Copy link

NimishaS commented Dec 9, 2015

@mgdevstack , we are looking into this.

@Vasu1105
Copy link

Vasu1105 commented Dec 9, 2015

@mgdevstack , aws_credential_file option was working for us.
Please check the credential file format below:

AWSAccessKeyId=YourAWSAccessKeyID
AWSSecretKey=YourAWSSecretAccessKey

OR

[default]
aws_access_key_id = You AWSAccessKeyID
aws_secret_access_key = YourAWSSecretAccessKey

Make sure that [default] is added in case of 2nd format.

@mgdevstack
Copy link
Author

@Vasu1105 . in knife-ec2-0.8.0 it is working but on upgrading plugin to 0.12.0.. It is showing Fog Error.

@Vasu1105
Copy link

@mgdevstack , we checked with knife-ec2 0.12.0 also but didn't face this issue. We have tried the with chef exec knife ec2 server list and knife-ec2 server list.

@adamedx
Copy link

adamedx commented Dec 11, 2015

@mgdevstack, can you show us all the gems you have installed via gem list? Also, when you run the knife command, can you specify the -c parameter and point it at your knife.rb?

Last, can you run knife rehash to make sure we're picking up the latest commands?

To me, what you're seeing is symptomatic of possibly looking at the wrong config file. Some lookups for config may have changed between knife-ec2 versions and hence the error.

@dougireton
Copy link

@adamedx I'm getting the same error.

It looks like PR #393 will fix my issue.

knife ec2 server create works if I set the AWS ENV vars instead of using the ~/.aws/credentials file.

My ~/.chef/config.rb:

# knife-ec2 settings
knife[:region] = 'us-west-2'
knife[:aws_credential_file] = File.join(ENV['HOME'], "/.aws/credentials")
knife[:aws_profile] = 'my-custom-profile'

My ~/.aws/credentials:

[my-custom-profile]
aws_access_key_id=<MY_VALID_KEY>
aws_secret_access_key=<my_secret_access_key>
aws_session_token="my-session-token"
aws_security_token="my-session-token"

Stacktrace

➜  ~  knife ec2 server create -f t2.micro -I ami-22b9a343 --ssh-key chef_team_test --identity-file ~/.ssh/chef_team_test --ssh-user ubuntu --subnet subnet-1234abcd -g sg-123f4567 -VV
INFO: Using configuration from /Users/doug/.chef/config.rb
DEBUG: Looking for key use_iam_profile and found value false
DEBUG: Looking for key region and found value us-west-2
DEBUG: Looking for key use_iam_profile and found value false
DEBUG: Looking for key aws_access_key_id and found value <MY_VALID_KEY>
DEBUG: Looking for key aws_secret_access_key and found value <my_secret_access_key>
DEBUG: Looking for key aws_session_token and found value
DEBUG: Looking for key image and found value ami-22b9a343
/opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/excon-0.45.4/lib/excon/middlewares/expects.rb:6:in `response_call': AuthFailure => AWS was not able to validate the provided access credentials (Fog::Compute::AWS::Error)
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/excon-0.45.4/lib/excon/middlewares/response_parser.rb:8:in `response_call'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/excon-0.45.4/lib/excon/connection.rb:372:in `response'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/excon-0.45.4/lib/excon/connection.rb:236:in `request'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/excon-0.45.4/lib/excon/middlewares/idempotent.rb:26:in `error_call'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/excon-0.45.4/lib/excon/middlewares/base.rb:10:in `error_call'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/excon-0.45.4/lib/excon/middlewares/base.rb:10:in `error_call'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/excon-0.45.4/lib/excon/connection.rb:256:in `rescue in request'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/excon-0.45.4/lib/excon/connection.rb:204:in `request'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/excon-0.45.4/lib/excon/middlewares/idempotent.rb:26:in `error_call'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/excon-0.45.4/lib/excon/middlewares/base.rb:10:in `error_call'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/excon-0.45.4/lib/excon/middlewares/base.rb:10:in `error_call'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/excon-0.45.4/lib/excon/connection.rb:256:in `rescue in request'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/excon-0.45.4/lib/excon/connection.rb:204:in `request'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/excon-0.45.4/lib/excon/middlewares/idempotent.rb:26:in `error_call'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/excon-0.45.4/lib/excon/middlewares/base.rb:10:in `error_call'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/excon-0.45.4/lib/excon/middlewares/base.rb:10:in `error_call'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/excon-0.45.4/lib/excon/connection.rb:256:in `rescue in request'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/excon-0.45.4/lib/excon/connection.rb:204:in `request'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/fog-xml-0.1.2/lib/fog/xml/sax_parser_connection.rb:35:in `request'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/fog-xml-0.1.2/lib/fog/xml/connection.rb:7:in `request'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/fog-aws-0.7.6/lib/fog/aws/compute.rb:525:in `_request'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/fog-aws-0.7.6/lib/fog/aws/compute.rb:520:in `request'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/fog-aws-0.7.6/lib/fog/aws/requests/compute/describe_images.rb:49:in `describe_images'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/fog-aws-0.7.6/lib/fog/aws/models/compute/images.rb:46:in `all'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/fog-aws-0.7.6/lib/fog/aws/models/compute/images.rb:52:in `get'
    from /Users/doug/.chefdk/gem/ruby/2.1.0/gems/knife-ec2-0.12.0/lib/chef/knife/ec2_server_create.rb:732:in `ami'
    from /Users/doug/.chefdk/gem/ruby/2.1.0/gems/knife-ec2-0.12.0/lib/chef/knife/ec2_server_create.rb:744:in `validate!'
    from /Users/doug/.chefdk/gem/ruby/2.1.0/gems/knife-ec2-0.12.0/lib/chef/knife/ec2_server_create.rb:399:in `run'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/knife.rb:405:in `block in run_with_pretty_exceptions'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/local_mode.rb:44:in `with_server_connectivity'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/knife.rb:404:in `run_with_pretty_exceptions'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/knife.rb:203:in `run'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/lib/chef/application/knife.rb:142:in `run'
    from /opt/chefdk/embedded/lib/ruby/gems/2.1.0/gems/chef-12.5.1/bin/knife:25:in `<top (required)>'
    from /usr/local/bin/knife:54:in `load'
    from /usr/local/bin/knife:54:in `<main>'

@Vasu1105
Copy link

@dougireton We able to reproduce issue with aws_sessions_token. When we pass this option through configuration file i.e. knife.rb in you case it is ~/.chef/config.rb, the option is not getting set up. We will merge #393.

@mgdevstack If you are passing aws_session_token option through credentials file which is required in case of temporary security credentials then the issue you are facing is valid and we will be fixing that after merging #393. But if you are not working with temporary security credentials and using only aws_access_key and aws_secret_access_key the error should not come. And we tried both the cases and confirmed that there is only issue with aws_session_token option if passed through credentials file using knife.rb

@NimishaS
Copy link

#393 is now merged in master branch

@dheerajd-msys
Copy link
Contributor

@dougireton and @mgdevstack Since #393 is merged; can you please close this issue?

@btm
Copy link
Contributor

btm commented Nov 30, 2016

I'm going to close this as it should be fixed in knife-ec2 v0.13.0. Let us know if you still have any problems.

@btm btm closed this as completed Nov 30, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@btm @dougireton @NimishaS @adamedx @Vasu1105 @mgdevstack @dheerajd-msys