-
Notifications
You must be signed in to change notification settings - Fork 654
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
in ecs got security token service credentials is empty. #1551
Comments
I had some similar error messages using an outdated SDK version - they were solved for me by updating the SDK with |
my problem is solved. in ecs fargate i not set public IP, caused by get sts svc timeout. |
Hi @dybxin , |
yeah i solved already. |
I seem to be getting the same issue ? I think there might be a bug here ? My code (based on the example given in the docs):
Which is then passed into an S3 caller ...
I get the following error:
However, if I rely on the
and defining Weird ! |
Recently, I managed to trigger this very error on EKS. Upon investigation, a culprit of my issue was as following:
In short, web identity authentication provider should be modified to report errors properly and not just swallow them. |
Hi all, It seems like there are various reasons for this, all of them are due to incorrect configurations with ECS / EKS. @oakad , errors reported from the credential providers will always be hidden because the credential chain is meant to work implicitly. The default config will go through every provider in the chain in order, with each one failing until it finds the one that is able to return credentials successfully. If we were to log each failure to standard out, it will create logging noise. The way around it is to set the appropriate log level on your config object so that you may see the underlying failed outgoing requests. You can do that by doing the following: cfg, err := config.LoadDefaultConfig(
context.TODO(),
config.WithRegion("us-east-1"),
config.WithClientLogMode(aws.LogRequestWithBody|aws.LogResponseWithBody), // enable request and response logging
) Since this issue was reported by a number of people, and was caused and mitigated by different reasons Im going to go ahead and close this. Thanks again, |
This issue is now closed. Comments on closed issues are hard for our team to see. |
Documentation
Describe the bug
in ecs cluster, i deploy services in fargate. when i use aws-sdk-go-v2 to get security token service credentials, i got an empty response result.
the response result not contains AccessKeyID 、SecretAccessKey and SessionToken.
Expected behavior
i expected got the complete response.
Current behavior
Steps to Reproduce
Possible Solution
No response
AWS Go SDK version used
1.16.6
Compiler and Version used
go version go1.16.6 linux/amd64
Operating System and version
Amazon Linux 2 AMI (HVM) - Kernel 5.10, SSD Volume Type
The text was updated successfully, but these errors were encountered: