-
Notifications
You must be signed in to change notification settings - Fork 165
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
stacker bucket will always be created with default aws profile regardless of -p option #673
Comments
This is definitely a bug. I’ll dig in when I have time (or happy to review if
someone sends a PR).
One easy way around this would be to create the bucket before hand. That’s
actually what we do at Remind, since it allows us to manage the bucket
through CloudFormation.
…On Wed, Oct 24, 2018 at 10:57 AM ronend ***@***.***> wrote:
Running stacker build -p dronen1 ./config/environments/prod/us-east-1.env
./config/capabilities/zone/avm/custom_resources.yaml
Stacker errored out:
[2018-10-23T23:44:08] Using default AWS provider mode
[2018-10-23T23:44:09] Access denied for bucket
stacker-templates-us-east-1-1540336332. Did you remember to use a globally
unique name? Traceback (most recent call last): File
"/Users/dronen/workspace/stacker/stacker/util.py", line 495, in
ensure_s3_bucket s3_client.head_bucket(Bucket=bucket_name) File
"/Users/dronen/workspace/mufg-infrastructure/venv3/lib/python3.6/site-packages/botocore/client.py",
line 314, in _api_call return self._make_api_call(operation_name, kwargs)
File
"/Users/dronen/workspace/mufg-infrastructure/venv3/lib/python3.6/site-packages/botocore/client.py",
line 612, in _make_api_call raise error_class(parsed_response,
operation_name) botocore.exceptions.ClientError: An error occurred (403)
when calling the HeadBucket operation: Forbidden Traceback (most recent
call last): File
"/Users/dronen/workspace/mufg-infrastructure/venv3/bin/stacker", line 7, in
<module> exec(compile(f.read(), __file__, 'exec')) File
"/Users/dronen/workspace/stacker/scripts/stacker", line 10, in <module>
args.run(args) File
"/Users/dronen/workspace/stacker/stacker/commands/stacker/build.py", line
58, in run dump=options.dump) File
"/Users/dronen/workspace/stacker/stacker/actions/base.py", line 199, in
execute self.pre_run(*args, **kwargs) File
"/Users/dronen/workspace/stacker/stacker/actions/build.py", line 396, in
pre_run self.ensure_cfn_bucket() File
"/Users/dronen/workspace/stacker/stacker/actions/base.py", line 159, in
ensure_cfn_bucket self.bucket_region) File
"/Users/dronen/workspace/stacker/stacker/util.py", line 495, in
ensure_s3_bucket s3_client.head_bucket(Bucket=bucket_name) File
"/Users/dronen/workspace/mufg-infrastructure/venv3/lib/python3.6/site-packages/botocore/client.py",
line 314, in _api_call return self._make_api_call(operation_name, kwargs)
File
"/Users/dronen/workspace/mufg-infrastructure/venv3/lib/python3.6/site-packages/botocore/client.py",
line 612, in _make_api_call raise error_class(parsed_response,
operation_name) botocore.exceptions.ClientError: An error occurred (403)
when calling the HeadBucket operation: Forbidden
The problem is in the constructor of actions.base.BaseAction.__init__(),
the session is built without the profile:
self.s3_conn = get_session(self.bucket_region).client('s3')
The profile is not passed to this constructor, so I have no idea how this
might be solved other than adding karg to the constructor.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#673>, or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAFzvp-psOr0qIArVIo3_k9nnrqZBlC2ks5un-USgaJpZM4X3FK7>
.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
stacker.log
Running
stacker build -p dronen1 ./config/environments/prod/us-east-1.env ./config/capabilities/zone/avm/custom_resources.yaml
Stacker errored out:
[2018-10-23T23:44:08] Using default AWS provider mode [2018-10-23T23:44:09] Access denied for bucket stacker-templates-us-east-1-1540336332. Did you remember to use a globally unique name? Traceback (most recent call last): File "/Users/dronen/workspace/stacker/stacker/util.py", line 495, in ensure_s3_bucket s3_client.head_bucket(Bucket=bucket_name) File "/Users/dronen/workspace/mufg-infrastructure/venv3/lib/python3.6/site-packages/botocore/client.py", line 314, in _api_call return self._make_api_call(operation_name, kwargs) File "/Users/dronen/workspace/mufg-infrastructure/venv3/lib/python3.6/site-packages/botocore/client.py", line 612, in _make_api_call raise error_class(parsed_response, operation_name) botocore.exceptions.ClientError: An error occurred (403) when calling the HeadBucket operation: Forbidden Traceback (most recent call last): File "/Users/dronen/workspace/mufg-infrastructure/venv3/bin/stacker", line 7, in <module> exec(compile(f.read(), __file__, 'exec')) File "/Users/dronen/workspace/stacker/scripts/stacker", line 10, in <module> args.run(args) File "/Users/dronen/workspace/stacker/stacker/commands/stacker/build.py", line 58, in run dump=options.dump) File "/Users/dronen/workspace/stacker/stacker/actions/base.py", line 199, in execute self.pre_run(*args, **kwargs) File "/Users/dronen/workspace/stacker/stacker/actions/build.py", line 396, in pre_run self.ensure_cfn_bucket() File "/Users/dronen/workspace/stacker/stacker/actions/base.py", line 159, in ensure_cfn_bucket self.bucket_region) File "/Users/dronen/workspace/stacker/stacker/util.py", line 495, in ensure_s3_bucket s3_client.head_bucket(Bucket=bucket_name) File "/Users/dronen/workspace/mufg-infrastructure/venv3/lib/python3.6/site-packages/botocore/client.py", line 314, in _api_call return self._make_api_call(operation_name, kwargs) File "/Users/dronen/workspace/mufg-infrastructure/venv3/lib/python3.6/site-packages/botocore/client.py", line 612, in _make_api_call raise error_class(parsed_response, operation_name) botocore.exceptions.ClientError: An error occurred (403) when calling the HeadBucket operation: Forbidden
The problem is in the constructor of
actions.base.BaseAction.__init__()
, the session is built without the profile:self.s3_conn = get_session(self.bucket_region).client('s3')
The profile is not passed to this constructor, so I have no idea how this might be solved other than adding karg to the constructor.
The text was updated successfully, but these errors were encountered: