Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

upload file stuck when I set AWS_SECRET_ACCESS_KEY to empty #1584

Open
godzilla-s opened this issue Oct 23, 2023 · 3 comments
Open

upload file stuck when I set AWS_SECRET_ACCESS_KEY to empty #1584

godzilla-s opened this issue Oct 23, 2023 · 3 comments

Comments

@godzilla-s
Copy link

Database name

Wal-g provides support for many databases, please write down name of database you uses.

Issue description

Describe your problem

When I set AWS_SECRET_ACCESS_KEY to empty, and execute wal-g wal-push to upload file to S3 bucket, it stuck. I debug it and print the message, it show:

cause by: Put "http://169.254.169.254/latest/api/token": context deadline exceeded (Client.Timeout exceeded while awaiting headers)

I tested it in an offline network environment(can not access website)

so should AWS_SECRET_ACCESS_KEY must be set?

Please provide steps to reproduce

// it can really help

Please add config and wal-g stdout/stderr logs for debug purpose

also you can use WALG_LOG_LEVEL=DEVEL for logs collecting

If you can, provide logs

```bash any logs here ```

@godzilla-s
Copy link
Author

is it default to go to 169.254.169.254 server to request token if AWS_SECRET_ACCESS_KEY not set?

@godzilla-s
Copy link
Author

godzilla-s commented Oct 24, 2023
edited 

       accessKeyId := getFirstSettingOf(settings, []string{AccessKeyIdSetting, AccessKeySetting})
	secretAccessKey := getFirstSettingOf(settings, []string{SecretAccessKeySetting, SecretKeySetting})
	sessionToken := settings[SessionTokenSetting]
	if accessKeyId != "" && secretAccessKey != "" {
		provider := &credentials.StaticProvider{Value: credentials.Value{
			AccessKeyID:     accessKeyId,
			SecretAccessKey: secretAccessKey,
			SessionToken:    sessionToken,
		}}
		providers := make([]credentials.Provider, 0)
		providers = append(providers, provider)
		providers = append(providers, defaults.CredProviders(config, defaults.Handlers())...)
		newCredentials := credentials.NewCredentials(&credentials.ChainProvider{
			VerboseErrors: aws.BoolValue(config.CredentialsChainVerboseErrors),
			Providers:     providers,
		})

		config = config.WithCredentials(newCredentials)
	}

what to do if accesskeyId and secretAccessKey is empty? use credentials.AnonymousCredentials ??

@usernamedt
Copy link
Member

Hi! If AWS_SECRET_ACCESS_KEY is empty WAL-G will look for the credentials in ~/.aws/credentials or EC2 metadata, as described in docs.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@godzilla-s @usernamedt