Closed dandunckelman closed 11 years ago
This should probably raise this error: http://docs.aws.amazon.com/AWSRubySDK/latest/AWS/Errors/MissingCredentialsError.html
It looks like what is happening is the service is returning a InvalidAccessKeyId error which is being caught as a ClientError (all 400 level responses are client errors, 500 level responses are service errors). This could be fixed if we instead of rescuing Errors::ClientError
, we should rescue Errors::AccessDenied
.
This change would allow the InvalidAccessKeyId error to raise up and would prevent the incorrect true
value from being returned.
Nice!
Just for reference, I tested it and got the following:
/home/dldunckel/.rvm/gems/ruby-1.9.3-p194@sites/gems/aws-sdk-1.8.5/lib/aws/core/client.rb:339:in `return_or_raise': The AWS Access Key Id you provided does not exist in our records. (AWS::S3::Errors::InvalidAccessKeyId)
from /home/dldunckel/.rvm/gems/ruby-1.9.3-p194@sites/gems/aws-sdk-1.8.5/lib/aws/core/client.rb:440:in `client_request'
from (eval):3:in `get_bucket_versioning'
from /home/dldunckel/.rvm/gems/ruby-1.9.3-p194@sites/gems/aws-sdk-1.8.5/lib/aws/s3/bucket.rb:455:in `versioning_state'
from /home/dldunckel/.rvm/gems/ruby-1.9.3-p194@sites/gems/aws-sdk-1.8.5/lib/aws/s3/bucket.rb:443:in `versioning_enabled?'
from /home/dldunckel/.rvm/gems/ruby-1.9.3-p194@sites/gems/aws-sdk-1.8.5/lib/aws/s3/bucket.rb:506:in `exists?'
from create.rb:141:in `bucketExists'
from create.rb:343:in `uploadSiteContent'
from create.rb:276:in `uploadContent'
from create.rb:35:in `initialize'
from create.rb:391:in `new'
from create.rb:391:in `<main>'
Thanks!
I have a little function that checks if a bucket exists:
When I run my script with invalid AWS creds, it returns true even though the bucket I'm checking doesn't exist. I found this when my config.yml looked like this:
So, I got curious and looked here: https://github.com/aws/aws-sdk-ruby/blob/master/lib/aws/s3/bucket.rb#L504, which has this:
I dug around the code and didn't find anything in NoSuchBucket and ClientError that would catch bad creds. I might take a stab at a pull request for this, but for now, I'll modify my code to ensure creds are valid.