Closed travisnburton closed 2 years ago
Hi @travisnburton,
Are you passing in aws_access_key and aws_secret_access_key or is the EC2 instance attached to an IAM Role?
Thanks, Cameron K.
the EC2 is attached to an IAM role, and i'm using s3files2:
{
"arcgis": {
"version": "10.9.1",
"run_as_user": "arcgis",
"repository": {
"local_archives": "/opt/software/archives",
"server": {
"s3bucket": "arcgisstore-us-east-1",
"region": "us-east-1"
},
"files": {
"Portal_for_ArcGIS_Linux_1091_180199.tar.gz": {
"subfolder": "10.9.1/setups"
},
"Portal_for_ArcGIS_Web_Styles_Linux_1091_180201.tar.gz": {
"subfolder": "10.9.1/setups"
}
}
}
},
"run_list": [
"recipe[arcgis-repository::s3files2]"
]
}
Is there a specific role the EC2 instance needs to assume in order to access the bucket? Or does the bucket policy for arcgisstore-us-east-1 accept requests from all EC2 instances?
Thanks for clarifying the use of IAM Role rather than use of access key. I just tested both scenario's and was able to successfully download using my aws IAM Role and access key.
The setups in those buckets should be publicly available to all aws accounts so not quite sure what could be going on here. Definitely smells like a permission related issue.
As a test are you able to pass in the access key and secret to see if it yields a different result?
Thank you so much for confiming. This was indeed an IAM permission issue, the EC2 Instance Profile was not allowing access to this bucket.
Receive the following error when executing recipe[arcgis-repository::s3files2] on EC2 instance in AWS us-east-1:
Relevant Info: