Reputation: 1506
AWS EC2 Instance Profile for S3 permissions inconsistent
Background: I'm writing an automated deployment script to deploy a ruby on rails application to AWS on an EC2 instance using S3 as the storage for ActiveStorage. My script creates an instance profile/role and attaches it to the EC2 instance on creation. My script uses the ruby sdk for AWS.
Sometimes when my script runs, it works great (which tells me my configuration is correct). Sometimes it throws the following exception:
/home/ubuntu/.rbenv/versions/2.6.5/lib/ruby/gems/2.6.0/gems/aws-sigv4-1.2.1/lib/aws-sigv4/signer.rb:613:in `extract_credentials_provider': missing credentials, provide credentials with one of the following options: (Aws::Sigv4::Errors::MissingCredentialsError)
- :access_key_id and :secret_access_key
- :credentials
- :credentials_provider
I generally have success about 9 times out of 10 using a t3a.micro or t3.micro instance. I usually have a failure 9 times out of 10 using a t3a.nano or t3.nano instance.
It sure seems like there is something eventually consistent about these instance profiles, but I can't find anything in the documentation. What's going on, and what can I do to make this succeed consistently?
Thank you.
Upvotes: 2
Views: 271
Answers (0)
Related Questions
- Aws::S3::Errors::AccessDenied: Access Denied
- Configuring ActiveStorage to use S3 with IAM role
- Aws::S3::Errors::AccessDenied when trying to write using rails apps
- AWS S3 IAM policy for read and write permissions on a single bucket
- Change s3 file access with aws-sdk -> 2 and ruby
- Amazon S3: set permissions using aws-sdk-ruby
- Can't access s3 buckets after creating instance using IAM profile
- Basic AWS IAM permissions for an S3 bucket
- AWS user permission policy against S3 resource not restricting to specific user
- Setting owner of objects in an S3 bucket