boto / boto3

AWS SDK for Python
https://aws.amazon.com/sdk-for-python/
Apache License 2.0

The provided token is malformed or otherwise invalid. #4268

Open odgrso opened 1 week ago

odgrso commented 1 week ago

Describe the bug

Using switch-role profiles to generate an IAM client and an S3 client and then calling the S3 API results in an error

Expected Behavior

Generating an IAM client should work fine

Current Behavior

Generating an IAM client before the S3 client and calling the S3 API results in an error

Reproduction Steps

Configure switch roles in ~/.aws/config

[profile test]
region=ap-northeast-1
role_arn=arn:aws:iam::111111111111:role/switch_role_name
source_profile=default
output=json

It works fine if you do the following

import boto3

session = boto3.Session(profile_name="test")
s3_client = session.client("s3", region_name="ap-east-1")
response = s3_client.get_bucket_encryption(Bucket="<bucket_name>")
print(response)

However, the following will result in an error

import boto3

session = boto3.Session(profile_name="test")
iam_client = session.client("iam")
s3_client = session.client("s3", region_name="ap-east-1")
response = s3_client.get_bucket_encryption(Bucket="<bucket_name>")
print(response)

botocore.exceptions.ClientError: An error occurred (InvalidToken) when calling the GetBucketEncryption operation: The provided token is malformed or otherwise invalid.

Possible Solution

No response

Additional Information/Context

No response

SDK version used

1.35.14

Environment details (OS name and version, etc.)

Darwin MacBook-Pro.local 23.5.0 Darwin Kernel Version 23.5.0: Wed May 1 20:09:52 PDT 2024; root:xnu-10063.121.3~5/RELEASE_X86_64 x86_64

adev-code commented 1 week ago

Hi @odgrso, thanks for reaching out. I was not able to replicate the same issue using the code and config above.

For a further look, please include the full debug response by adding the line: boto3.set_stream_logger('') and redacting any sensitive information.

Thank you.
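
Added example (not part of the original thread and not boto3 project code): the debug output enabled by boto3.set_stream_logger('') includes STS AssumeRole response bodies and signed request headers, so temporary credentials land in the log. One way to do the requested redaction at the source is a logging filter on the handler. The names RedactAwsSecrets, redact, install and demo, and every sample value, are constructed for illustration.

```python
import io
import logging
import re

# (pattern, replacement) pairs for the places credentials appear in a
# botocore DEBUG log. This rule set is an assumption of this example, not an
# exhaustive list of what botocore may log.
_RULES = [
    # XML bodies: STS AssumeRole result and the S3 InvalidToken error (<Token-0>).
    (re.compile(r"(<(SecretAccessKey|SessionToken|Token-\d+)>)[^<]*(</\2>)"),
     r"\1[REDACTED]\3"),
    # Header dict repr in "Sending http request": 'X-Amz-Security-Token': b'...'
    (re.compile(r"(['\"]X-Amz-Security-Token['\"]:\s*b?['\"])[^'\"]*", re.I),
     r"\1[REDACTED]"),
    # CanonicalRequest header line: x-amz-security-token:<token>
    (re.compile(r"^(x-amz-security-token:).*$", re.I | re.M), r"\1[REDACTED]"),
    # Access key IDs (long-term AKIA..., temporary ASIA...): keep the prefix only.
    (re.compile(r"\b(AKIA|ASIA)[A-Z0-9]{12,}\b"), r"\1[REDACTED]"),
    # 12-digit account IDs inside ARNs.
    (re.compile(r"(arn:aws[\w-]*:[\w-]*:[\w-]*:)\d{12}(:)"), r"\1[ACCOUNT]\2"),
]


def redact(text: str) -> str:
    """Apply every redaction rule to one formatted log message."""
    for pattern, replacement in _RULES:
        text = pattern.sub(replacement, text)
    return text


class RedactAwsSecrets(logging.Filter):
    """Rewrite each record's message in place before the handler emits it."""

    def filter(self, record: logging.LogRecord) -> bool:
        # botocore logs bodies as "Response body:\n%s" with the payload in
        # args, so format first, then scrub the final text.
        record.msg = redact(record.getMessage())
        record.args = ()
        return True


def install(logger_name: str = "") -> int:
    """Attach the filter to every handler on the named logger; return the count.

    Call it after boto3.set_stream_logger(''), which adds a StreamHandler to
    that logger. The filter goes on handlers because a filter set on a logger
    is skipped for records that propagate up from child loggers such as
    botocore.parsers.
    """
    handlers = logging.getLogger(logger_name).handlers
    for handler in handlers:
        handler.addFilter(RedactAwsSecrets())
    return len(handlers)


def demo() -> str:
    """Log constructed messages shaped like botocore's and return the output."""
    stream = io.StringIO()
    handler = logging.StreamHandler(stream)
    log = logging.getLogger("botocore.constructed_demo")
    log.setLevel(logging.DEBUG)
    log.propagate = False
    log.addHandler(handler)
    install("botocore.constructed_demo")

    token = "FAKEtoken/constructed+value=="  # constructed, not a real token
    key_id = "ASIAEXAMPLEEXAMPLE00"          # constructed, not a real key ID
    body = (
        b"<Credentials><AccessKeyId>" + key_id.encode() + b"</AccessKeyId>"
        b"<SecretAccessKey>EXAMPLEsecretKEYconstructed</SecretAccessKey>"
        b"<SessionToken>" + token.encode() + b"</SessionToken>"
        b"<Expiration>2024-09-14T08:23:58Z</Expiration></Credentials>"
    )
    headers = {
        "X-Amz-Security-Token": token.encode(),
        "Authorization": ("AWS4-HMAC-SHA256 Credential=" + key_id
                          + "/20240914/ap-east-1/s3/aws4_request").encode(),
    }
    canonical = ("GET\n/\nencryption=\nx-amz-security-token:" + token
                 + "\n\nhost;x-amz-security-token")

    log.debug("Response body:\n%s", body)
    log.debug("Sending http request: method=%s, headers=%s", "GET", headers)
    log.debug("CanonicalRequest:\n%s", canonical)
    log.debug("RoleArn: %s", "arn:aws:iam::123456789012:role/constructed_role")

    log.removeHandler(handler)
    return stream.getvalue()


if __name__ == "__main__":
    print(demo())
```

Exception tracebacks are formatted by the handler after filtering, so text that only appears in a traceback is not covered by this filter.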

odgrso commented 1 week ago

bug request

2024-09-14 16:23:57,594 - botocore.hooks - DEBUG - Changing event name from creating-client-class.iot-data to creating-client-class.iot-data-plane
2024-09-14 16:23:57,596 - botocore.hooks - DEBUG - Changing event name from before-call.apigateway to before-call.api-gateway
2024-09-14 16:23:57,597 - botocore.hooks - DEBUG - Changing event name from request-created.machinelearning.Predict to request-created.machine-learning.Predict
2024-09-14 16:23:57,599 - botocore.hooks - DEBUG - Changing event name from before-parameter-build.autoscaling.CreateLaunchConfiguration to before-parameter-build.auto-scaling.CreateLaunchConfiguration
2024-09-14 16:23:57,599 - botocore.hooks - DEBUG - Changing event name from before-parameter-build.route53 to before-parameter-build.route-53
2024-09-14 16:23:57,600 - botocore.hooks - DEBUG - Changing event name from request-created.cloudsearchdomain.Search to request-created.cloudsearch-domain.Search
2024-09-14 16:23:57,600 - botocore.hooks - DEBUG - Changing event name from docs.*.autoscaling.CreateLaunchConfiguration.complete-section to docs.*.auto-scaling.CreateLaunchConfiguration.complete-section
2024-09-14 16:23:57,604 - botocore.hooks - DEBUG - Changing event name from before-parameter-build.logs.CreateExportTask to before-parameter-build.cloudwatch-logs.CreateExportTask
2024-09-14 16:23:57,604 - botocore.hooks - DEBUG - Changing event name from docs.*.logs.CreateExportTask.complete-section to docs.*.cloudwatch-logs.CreateExportTask.complete-section
2024-09-14 16:23:57,604 - botocore.hooks - DEBUG - Changing event name from before-parameter-build.cloudsearchdomain.Search to before-parameter-build.cloudsearch-domain.Search
2024-09-14 16:23:57,604 - botocore.hooks - DEBUG - Changing event name from docs.*.cloudsearchdomain.Search.complete-section to docs.*.cloudsearch-domain.Search.complete-section
2024-09-14 16:23:57,605 - botocore.session - DEBUG - Setting config variable for profile to 'bug2'
2024-09-14 16:23:57,610 - botocore.utils - DEBUG - IMDS ENDPOINT: http://169.254.169.254/
2024-09-14 16:23:57,619 - botocore.credentials - DEBUG - Skipping environment variable credential check because profile name was explicitly set.
2024-09-14 16:23:57,619 - botocore.credentials - DEBUG - Looking for credentials via: assume-role
2024-09-14 16:23:57,619 - botocore.credentials - DEBUG - Looking for credentials via: assume-role-with-web-identity
2024-09-14 16:23:57,619 - botocore.credentials - DEBUG - Looking for credentials via: sso
2024-09-14 16:23:57,619 - botocore.credentials - DEBUG - Looking for credentials via: shared-credentials-file
2024-09-14 16:23:57,620 - botocore.credentials - INFO - Found credentials in shared credentials file: ~/.aws/credentials
2024-09-14 16:23:57,621 - botocore.loaders - DEBUG - Loading JSON file: /Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/botocore/data/endpoints.json
2024-09-14 16:23:57,643 - botocore.loaders - DEBUG - Loading JSON file: /Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/botocore/data/sdk-default-configuration.json
2024-09-14 16:23:57,643 - botocore.hooks - DEBUG - Event choose-service-name: calling handler <function handle_service_name_alias at 0x108d83670>
2024-09-14 16:23:57,677 - botocore.loaders - DEBUG - Loading JSON file: /Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/botocore/data/iam/2010-05-08/service-2.json.gz
2024-09-14 16:23:57,709 - botocore.loaders - DEBUG - Loading JSON file: /Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/botocore/data/iam/2010-05-08/endpoint-rule-set-1.json.gz
2024-09-14 16:23:57,710 - botocore.loaders - DEBUG - Loading JSON file: /Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/botocore/data/partitions.json
2024-09-14 16:23:57,714 - botocore.hooks - DEBUG - Event creating-client-class.iam: calling handler <function add_generate_presigned_url at 0x108cd1af0>
2024-09-14 16:23:57,715 - botocore.configprovider - DEBUG - Looking for endpoint for iam via: environment_service
2024-09-14 16:23:57,715 - botocore.configprovider - DEBUG - Looking for endpoint for iam via: environment_global
2024-09-14 16:23:57,715 - botocore.configprovider - DEBUG - Looking for endpoint for iam via: config_service
2024-09-14 16:23:57,715 - botocore.configprovider - DEBUG - Looking for endpoint for iam via: config_global
2024-09-14 16:23:57,715 - botocore.configprovider - DEBUG - No configured endpoint found.
2024-09-14 16:23:57,715 - botocore.regions - DEBUG - Using partition endpoint for iam, ap-northeast-1: aws-global
2024-09-14 16:23:57,717 - botocore.endpoint - DEBUG - Setting iam timeout as (60, 60)
2024-09-14 16:23:57,718 - botocore.loaders - DEBUG - Loading JSON file: /Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/botocore/data/_retry.json
2024-09-14 16:23:57,719 - botocore.client - DEBUG - Registering retry handlers for service: iam
2024-09-14 16:23:57,720 - botocore.hooks - DEBUG - Event choose-service-name: calling handler <function handle_service_name_alias at 0x108d83670>
2024-09-14 16:23:57,725 - botocore.loaders - DEBUG - Loading JSON file: /Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/botocore/data/s3/2006-03-01/service-2.json.gz
2024-09-14 16:23:57,755 - botocore.loaders - DEBUG - Loading JSON file: /Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/botocore/data/s3/2006-03-01/endpoint-rule-set-1.json.gz
2024-09-14 16:23:57,761 - botocore.hooks - DEBUG - Event creating-client-class.s3: calling handler <function add_generate_presigned_post at 0x108cd1d30>
2024-09-14 16:23:57,761 - botocore.hooks - DEBUG - Event creating-client-class.s3: calling handler <function lazy_call.<locals>._handler at 0x108e208b0>
2024-09-14 16:23:57,832 - botocore.hooks - DEBUG - Event creating-client-class.s3: calling handler <function add_generate_presigned_url at 0x108cd1af0>
2024-09-14 16:23:57,833 - botocore.configprovider - DEBUG - Looking for endpoint for s3 via: environment_service
2024-09-14 16:23:57,833 - botocore.configprovider - DEBUG - Looking for endpoint for s3 via: environment_global
2024-09-14 16:23:57,833 - botocore.configprovider - DEBUG - Looking for endpoint for s3 via: config_service
2024-09-14 16:23:57,833 - botocore.configprovider - DEBUG - Looking for endpoint for s3 via: config_global
2024-09-14 16:23:57,833 - botocore.configprovider - DEBUG - No configured endpoint found.
2024-09-14 16:23:57,835 - botocore.endpoint - DEBUG - Setting s3 timeout as (60, 60)
2024-09-14 16:23:57,838 - botocore.client - DEBUG - Registering retry handlers for service: s3
2024-09-14 16:23:57,838 - botocore.utils - DEBUG - Registering S3 region redirector handler
2024-09-14 16:23:57,838 - botocore.utils - DEBUG - Registering S3Express Identity Resolver
2024-09-14 16:23:57,839 - botocore.hooks - DEBUG - Event before-parameter-build.s3.GetBucketEncryption: calling handler <function validate_bucket_name at 0x108d9edc0>
2024-09-14 16:23:57,839 - botocore.hooks - DEBUG - Event before-parameter-build.s3.GetBucketEncryption: calling handler <function remove_bucket_from_url_paths_from_model at 0x108da7ca0>
2024-09-14 16:23:57,839 - botocore.hooks - DEBUG - Event before-parameter-build.s3.GetBucketEncryption: calling handler <bound method S3RegionRedirectorv2.annotate_request_context of <botocore.utils.S3RegionRedirectorv2 object at 0x10a559e20>>
2024-09-14 16:23:57,839 - botocore.hooks - DEBUG - Event before-parameter-build.s3.GetBucketEncryption: calling handler <bound method ClientCreator._inject_s3_input_parameters of <botocore.client.ClientCreator object at 0x108e8c2e0>>
2024-09-14 16:23:57,839 - botocore.hooks - DEBUG - Event before-parameter-build.s3.GetBucketEncryption: calling handler <function generate_idempotent_uuid at 0x108d9ec10>
2024-09-14 16:23:57,839 - botocore.hooks - DEBUG - Event before-endpoint-resolution.s3: calling handler <function customize_endpoint_resolver_builtins at 0x108da7e50>
2024-09-14 16:23:57,839 - botocore.hooks - DEBUG - Event before-endpoint-resolution.s3: calling handler <bound method S3RegionRedirectorv2.redirect_from_cache of <botocore.utils.S3RegionRedirectorv2 object at 0x10a559e20>>
2024-09-14 16:23:57,840 - botocore.regions - DEBUG - Calling endpoint provider with parameters: {'Bucket': 'sample-bucket', 'Region': 'ap-east-1', 'UseFIPS': False, 'UseDualStack': False, 'ForcePathStyle': False, 'Accelerate': False, 'UseGlobalEndpoint': False, 'DisableMultiRegionAccessPoints': False, 'UseArnRegion': True, 'UseS3ExpressControlEndpoint': True}
2024-09-14 16:23:57,841 - botocore.regions - DEBUG - Endpoint provider result: https://sample-bucket.s3.ap-east-1.amazonaws.com
2024-09-14 16:23:57,841 - botocore.regions - DEBUG - Selecting from endpoint provider's list of auth schemes: "sigv4". User selected auth scheme is: "None"
2024-09-14 16:23:57,841 - botocore.regions - DEBUG - Selected auth type "v4" as "v4" with signing context params: {'region': 'ap-east-1', 'signing_name': 's3', 'disableDoubleEncoding': True}
2024-09-14 16:23:57,841 - botocore.hooks - DEBUG - Event before-call.s3.GetBucketEncryption: calling handler <function add_expect_header at 0x108da6160>
2024-09-14 16:23:57,841 - botocore.hooks - DEBUG - Event before-call.s3.GetBucketEncryption: calling handler <bound method S3ExpressIdentityResolver.apply_signing_cache_key of <botocore.utils.S3ExpressIdentityResolver object at 0x10a559df0>>
2024-09-14 16:23:57,841 - botocore.hooks - DEBUG - Event before-call.s3.GetBucketEncryption: calling handler <function add_recursion_detection_header at 0x108d9e820>
2024-09-14 16:23:57,842 - botocore.hooks - DEBUG - Event before-call.s3.GetBucketEncryption: calling handler <function inject_api_version_header_if_needed at 0x108da74c0>
2024-09-14 16:23:57,842 - botocore.endpoint - DEBUG - Making request for OperationModel(name=GetBucketEncryption) with params: {'url_path': '?encryption', 'query_string': {}, 'method': 'GET', 'headers': {'User-Agent': 'Boto3/1.35.14 md/Botocore#1.35.14 ua/2.0 os/macos#23.5.0 md/arch#x86_64 lang/python#3.9.6 md/pyimpl#CPython cfg/retry-mode#legacy Botocore/1.35.14'}, 'body': b'', 'auth_path': '/sample-bucket/', 'url': 'https://sample-bucket.s3.ap-east-1.amazonaws.com/?encryption', 'context': {'client_region': 'ap-east-1', 'client_config': <botocore.config.Config object at 0x109a802e0>, 'has_streaming_input': False, 'auth_type': 'v4', 'unsigned_payload': None, 's3_redirect': {'redirected': False, 'bucket': 'sample-bucket', 'params': {'Bucket': 'sample-bucket'}}, 'input_params': {'Bucket': 'sample-bucket'}, 'signing': {'region': 'ap-east-1', 'signing_name': 's3', 'disableDoubleEncoding': True}, 'endpoint_properties': {'authSchemes': [{'disableDoubleEncoding': True, 'name': 'sigv4', 'signingName': 's3', 'signingRegion': 'ap-east-1'}]}}}
2024-09-14 16:23:57,842 - botocore.hooks - DEBUG - Event request-created.s3.GetBucketEncryption: calling handler <bound method RequestSigner.handler of <botocore.signers.RequestSigner object at 0x109a801c0>>
2024-09-14 16:23:57,842 - botocore.hooks - DEBUG - Event choose-signer.s3.GetBucketEncryption: calling handler <function set_operation_specific_signer at 0x108d9ea60>
2024-09-14 16:23:57,842 - botocore.hooks - DEBUG - Event before-sign.s3.GetBucketEncryption: calling handler <function remove_arn_from_signing_path at 0x108da7dc0>
2024-09-14 16:23:57,842 - botocore.hooks - DEBUG - Event before-sign.s3.GetBucketEncryption: calling handler <bound method S3ExpressIdentityResolver.resolve_s3express_identity of <botocore.utils.S3ExpressIdentityResolver object at 0x10a559df0>>
2024-09-14 16:23:57,842 - botocore.hooks - DEBUG - Event choose-service-name: calling handler <function handle_service_name_alias at 0x108d83670>
2024-09-14 16:23:57,843 - botocore.loaders - DEBUG - Loading JSON file: /Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/botocore/data/sts/2011-06-15/service-2.json.gz
2024-09-14 16:23:57,845 - botocore.loaders - DEBUG - Loading JSON file: /Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/botocore/data/sts/2011-06-15/endpoint-rule-set-1.json.gz
2024-09-14 16:23:57,846 - botocore.hooks - DEBUG - Event creating-client-class.sts: calling handler <function add_generate_presigned_url at 0x108cd1af0>
2024-09-14 16:23:57,846 - botocore.configprovider - DEBUG - Looking for endpoint for sts via: environment_service
2024-09-14 16:23:57,846 - botocore.configprovider - DEBUG - Looking for endpoint for sts via: environment_global
2024-09-14 16:23:57,847 - botocore.configprovider - DEBUG - Looking for endpoint for sts via: config_service
2024-09-14 16:23:57,847 - botocore.configprovider - DEBUG - Looking for endpoint for sts via: config_global
2024-09-14 16:23:57,847 - botocore.configprovider - DEBUG - No configured endpoint found.
2024-09-14 16:23:57,849 - botocore.endpoint - DEBUG - Setting sts timeout as (60, 60)
2024-09-14 16:23:57,850 - botocore.client - DEBUG - Registering retry handlers for service: sts
2024-09-14 16:23:57,850 - botocore.hooks - DEBUG - Event before-parameter-build.sts.AssumeRole: calling handler <function generate_idempotent_uuid at 0x108d9ec10>
2024-09-14 16:23:57,851 - botocore.regions - DEBUG - Calling endpoint provider with parameters: {'Region': 'ap-northeast-1', 'UseDualStack': False, 'UseFIPS': False, 'UseGlobalEndpoint': True}
2024-09-14 16:23:57,851 - botocore.regions - DEBUG - Endpoint provider result: https://sts.amazonaws.com
2024-09-14 16:23:57,851 - botocore.regions - DEBUG - Selecting from endpoint provider's list of auth schemes: "sigv4". User selected auth scheme is: "None"
2024-09-14 16:23:57,851 - botocore.regions - DEBUG - Selected auth type "v4" as "v4" with signing context params: {'region': 'us-east-1', 'signing_name': 'sts'}
2024-09-14 16:23:57,852 - botocore.hooks - DEBUG - Event before-call.sts.AssumeRole: calling handler <function add_recursion_detection_header at 0x108d9e820>
2024-09-14 16:23:57,852 - botocore.hooks - DEBUG - Event before-call.sts.AssumeRole: calling handler <function inject_api_version_header_if_needed at 0x108da74c0>
2024-09-14 16:23:57,852 - botocore.endpoint - DEBUG - Making request for OperationModel(name=AssumeRole) with params: {'url_path': '/', 'query_string': '', 'method': 'POST', 'headers': {'Content-Type': 'application/x-www-form-urlencoded; charset=utf-8', 'User-Agent': 'Boto3/1.35.14 md/Botocore#1.35.14 ua/2.0 os/macos#23.5.0 md/arch#x86_64 lang/python#3.9.6 md/pyimpl#CPython cfg/retry-mode#legacy Botocore/1.35.14'}, 'body': {'Action': 'AssumeRole', 'Version': '2011-06-15', 'RoleArn': 'arn:aws:iam::000000000000:role/000000000000_readonly', 'RoleSessionName': 'botocore-session-1726298637'}, 'url': 'https://sts.amazonaws.com/', 'context': {'client_region': 'ap-northeast-1', 'client_config': <botocore.config.Config object at 0x10a559220>, 'has_streaming_input': False, 'auth_type': 'v4', 'unsigned_payload': None, 'signing': {'region': 'us-east-1', 'signing_name': 'sts'}, 'endpoint_properties': {'authSchemes': [{'name': 'sigv4', 'signingName': 'sts', 'signingRegion': 'us-east-1'}]}}}
2024-09-14 16:23:57,852 - botocore.hooks - DEBUG - Event request-created.sts.AssumeRole: calling handler <bound method RequestSigner.handler of <botocore.signers.RequestSigner object at 0x10a5592b0>>
2024-09-14 16:23:57,852 - botocore.hooks - DEBUG - Event choose-signer.sts.AssumeRole: calling handler <function set_operation_specific_signer at 0x108d9ea60>
2024-09-14 16:23:57,853 - botocore.auth - DEBUG - Calculating signature using v4 auth.
2024-09-14 16:23:57,853 - botocore.auth - DEBUG - CanonicalRequest:
POST
/

content-type:application/x-www-form-urlencoded; charset=utf-8
host:sts.amazonaws.com
x-amz-date:20240914T072357Z

content-type;host;x-amz-date
7ceebf1c458ba0e86e89d92746588225a7edc97ae59a18f712f2d1553ba27227
2024-09-14 16:23:57,853 - botocore.auth - DEBUG - StringToSign:
AWS4-HMAC-SHA256
20240914T072357Z
20240914/us-east-1/sts/aws4_request
14c7f3c412dece4dad656a2bfd7b5f959889800bbde18f660a521dd0857d850f
2024-09-14 16:23:57,853 - botocore.auth - DEBUG - Signature:
6abcf8da81a9298c76eb11f5c19298f63dd46e4c9ba57775d029238552c028ae
2024-09-14 16:23:57,853 - botocore.hooks - DEBUG - Event request-created.sts.AssumeRole: calling handler <function add_retry_headers at 0x108da7c10>
2024-09-14 16:23:57,854 - botocore.endpoint - DEBUG - Sending http request: <AWSPreparedRequest stream_output=False, method=POST, url=https://sts.amazonaws.com/, headers={'Content-Type': b'application/x-www-form-urlencoded; charset=utf-8', 'User-Agent': b'Boto3/1.35.14 md/Botocore#1.35.14 ua/2.0 os/macos#23.5.0 md/arch#x86_64 lang/python#3.9.6 md/pyimpl#CPython cfg/retry-mode#legacy Botocore/1.35.14', 'X-Amz-Date': b'20240914T072357Z', 'Authorization': b'AWS4-HMAC-SHA256 Credential=AKIA3FKRXXXXXXXXF6XS/20240914/us-east-1/sts/aws4_request, SignedHeaders=content-type;host;x-amz-date, Signature=6abcf8da81a9298c76eb11f5c19298f63dd46e4c9ba57775d029238552c028ae', 'amz-sdk-invocation-id': b'527efee5-dd18-49e9-b162-56a8b0d6d396', 'amz-sdk-request': b'attempt=1', 'Content-Length': '153'}>
2024-09-14 16:23:57,854 - botocore.httpsession - DEBUG - Certificate path: /Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/certifi/cacert.pem
2024-09-14 16:23:58,634 - botocore.parsers - DEBUG - Response headers: {'x-amzn-RequestId': '01cdc304-4390-4d6d-9137-f8b5446f2563', 'Content-Type': 'text/xml', 'Content-Length': '1118', 'Date': 'Sat, 14 Sep 2024 07:23:58 GMT'}
2024-09-14 16:23:58,634 - botocore.parsers - DEBUG - Response body:
b'<AssumeRoleResponse xmlns="https://sts.amazonaws.com/doc/2011-06-15/">\n  <AssumeRoleResult>\n    <AssumedRoleUser>\n      <AssumedRoleId>AROA3FKXXXXXXXXXXTPL3:botocore-session-1726298637</AssumedRoleId>\n      <Arn>arn:aws:sts::000000000000:assumed-role/readonly/botocore-session-1726298637</Arn>\n    </AssumedRoleUser>\n    <Credentials>\n      <AccessKeyId>ASIA3FXXXXXXXXXXXX</AccessKeyId>\n      <SecretAccessKey>zmepK6aYYnw02hDUo7PbUdyNKIob6rvlVKDHBCzg</SecretAccessKey>\n      <SessionToken>FwoGZXIvYXdzELn//////////wEaDI0V1oGnnvgvZMm1NSK/ARNXXuAo0DzVe8QNFMUyBuVbn4uKE9fnzF6Vtw8TMYbauWRPTClAIQsqXYApuTM358iSw5KUTEof6YpLIFXbkOlrhpfjiEXDdnlUgTTgZyuNpNv9p7Tao39XBmsIilol6/czuL7lbqaKsctw2Zn+TNoYXpTwysEQeOoJJiSI0a1OqR7li6x5pUqYcW2TQWZZYOA+3rov8nmH8E9nQJ8er2csSKIZJNv4iietG7q/Ey3iaTtsC3ROmugH0qWpR8+wKI70lLcGMi36eGdtkwvP04IkTIis2VUDP2vfNngTuHnjOCdLeQjTHz0w9vrBYY3iyQq+LJg=</SessionToken>\n      <Expiration>2024-09-14T08:23:58Z</Expiration>\n    </Credentials>\n  </AssumeRoleResult>\n  <ResponseMetadata>\n    <RequestId>01cdc304-4390-4d6d-9137-f8b5446f2563</RequestId>\n  </ResponseMetadata>\n</AssumeRoleResponse>\n'
2024-09-14 16:23:58,636 - botocore.hooks - DEBUG - Event needs-retry.sts.AssumeRole: calling handler <botocore.retryhandler.RetryHandler object at 0x10a4ac9d0>
2024-09-14 16:23:58,637 - botocore.retryhandler - DEBUG - No retry needed.
2024-09-14 16:23:58,640 - botocore.credentials - DEBUG - Retrieved credentials will expire at: 2024-09-14 08:23:58+00:00
2024-09-14 16:23:58,640 - botocore.auth - DEBUG - Calculating signature using v4 auth.
2024-09-14 16:23:58,641 - botocore.auth - DEBUG - CanonicalRequest:
GET
/
encryption=
host:sample-bucket.s3.ap-east-1.amazonaws.com
x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-date:20240914T072358Z
x-amz-security-token:FwoGZXIvYXdzELn//////////wEaDI0V1oGnnvgvZMm1NSK/ARNXXuAo0DzVe8QNFMUyBuVbn4uKE9fnzF6Vtw8TMYbauWRPTClAIQsqXYApuTM358iSw5KUTEof6YpLIFXbkOlrhpfjiEXDdnlUgTTgZyuNpNv9p7Tao39XBmsIilol6/czuL7lbqaKsctw2Zn+TNoYXpTwysEQeOoJJiSI0a1OqR7li6x5pUqYcW2TQWZZYOA+3rov8nmH8E9nQJ8er2csSKIZJNv4iietG7q/Ey3iaTtsC3ROmugH0qWpR8+wKI70lLcGMi36eGdtkwvP04IkTIis2VUDP2vfNngTuHnjOCdLeQjTHz0w9vrBYY3iyQq+LJg=

host;x-amz-content-sha256;x-amz-date;x-amz-security-token
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
2024-09-14 16:23:58,641 - botocore.auth - DEBUG - StringToSign:
AWS4-HMAC-SHA256
20240914T072358Z
20240914/ap-east-1/s3/aws4_request
f42ebb2414abf0ec86e28d29a8edc077497ea6f5cc71cda6862a8b04029dddc5
2024-09-14 16:23:58,641 - botocore.auth - DEBUG - Signature:
01da108707eb06fe6987778e5e99074859e102a14cd223c657e09a9d1073cbf5
2024-09-14 16:23:58,641 - botocore.hooks - DEBUG - Event request-created.s3.GetBucketEncryption: calling handler <function add_retry_headers at 0x108da7c10>
2024-09-14 16:23:58,642 - botocore.endpoint - DEBUG - Sending http request: <AWSPreparedRequest stream_output=False, method=GET, url=https://sample-bucket.s3.ap-east-1.amazonaws.com/?encryption, headers={'User-Agent': b'Boto3/1.35.14 md/Botocore#1.35.14 ua/2.0 os/macos#23.5.0 md/arch#x86_64 lang/python#3.9.6 md/pyimpl#CPython cfg/retry-mode#legacy Botocore/1.35.14', 'X-Amz-Date': b'20240914T072358Z', 'X-Amz-Security-Token': b'FwoGZXIvYXdzELn//////////wEaDI0V1oGnnvgvZMm1NSK/ARNXXuAo0DzVe8QNFMUyBuVbn4uKE9fnzF6Vtw8TMYbauWRPTClAIQsqXYApuTM358iSw5KUTEof6YpLIFXbkOlrhpfjiEXDdnlUgTTgZyuNpNv9p7Tao39XBmsIilol6/czuL7lbqaKsctw2Zn+TNoYXpTwysEQeOoJJiSI0a1OqR7li6x5pUqYcW2TQWZZYOA+3rov8nmH8E9nQJ8er2csSKIZJNv4iietG7q/Ey3iaTtsC3ROmugH0qWpR8+wKI70lLcGMiXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXuHnjOCdLeQjTHz0w9vrBYY3iyQq+LJg=', 'X-Amz-Content-SHA256': b'e3b0c44298fc1c149ae41e4649b934ca495991b7852b855', 'Authorization': b'AWS4-HMAC-SHA256 Credential=ASIA3FXXXXXXXXXXXX/20240914/ap-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-security-token, Signature=01da108707eb06fe6987778e5e99074859e102a14cd223c657e09a9d1073cbf5', 'amz-sdk-invocation-id': b'a4ad98d5-9abb-4232-9dd3-32def095efe0', 'amz-sdk-request': b'attempt=1'}>
2024-09-14 16:23:58,642 - botocore.httpsession - DEBUG - Certificate path: /Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/certifi/cacert.pem
2024-09-14 16:23:58,928 - botocore.parsers - DEBUG - Response headers: {'x-amz-request-id': '29VY3PVBGBCXRMG1', 'x-amz-id-2': 'N5va1i11oHfVifo2sqI7MH6sPaKNuomxvbSmzD9eaXN3Ep+ZVOBXQXvf3G3GUbvsn+aXlADqTVE=', 'Content-Type': 'application/xml', 'Transfer-Encoding': 'chunked', 'Date': 'Sat, 14 Sep 2024 07:23:58 GMT', 'Server': 'AmazonS3', 'Connection': 'close'}
2024-09-14 16:23:58,928 - botocore.parsers - DEBUG - Response body:
b'<?xml version="1.0" encoding="UTF-8"?>\n<Error><Code>InvalidToken</Code><Message>The provided token is malformed or otherwise invalid.</Message><Token-0>FwoGZXIvYXdzELn//////////wEaDI0V1oGnnvgvZMm1NSK/ARNXXuAo0DzVe8QNFMUyBuVbn4uKE9fnzF6Vtw8TMYbauWRPTClAIQsqXYApuTM358iSw5KUTEof6YpLIFXbkOlrhpfjiEXDdnlUgTTgZyuNpNv9p7Tao39XBmsIilol6/czuL7lbqaKsctw2Zn+TNoYXpTwysEQeOoJJiSI0a1OqR7li6x5pUqYcW2TQWZZYOA+3rov8nmH8E9nQJ8er2csSKIZJNv4iietG7q/Ey3iaTtsC3ROmugH0qWpR8+wKI70lLcGMi36eGdtkjOCdLeQjTHz0w9vrBYY3iyQq+LJg=</Token-0><RequestId>29VY3PVBGBCXRMG1</RequestId><HostId>N5va1i11oHfVifo2sqI7MH6sPaKNuomxvbSmzD9eaXN3Ep+ZVOBXQXvf3G3GUbvsn+aXlADqTVE=</HostId></Error>'
2024-09-14 16:23:58,932 - botocore.hooks - DEBUG - Event needs-retry.s3.GetBucketEncryption: calling handler <botocore.retryhandler.RetryHandler object at 0x10a559eb0>
2024-09-14 16:23:58,932 - botocore.retryhandler - DEBUG - No retry needed.
2024-09-14 16:23:58,932 - botocore.hooks - DEBUG - Event needs-retry.s3.GetBucketEncryption: calling handler <bound method S3RegionRedirectorv2.redirect_from_error of <botocore.utils.S3RegionRedirectorv2 object at 0x10a559e20>>
Traceback (most recent call last):
  File "/Users/user1/development/karte-cloud-service-scanner-engine/src/tests/AWS/bug.py", line 9, in <module>
    response = s3_client.get_bucket_encryption(Bucket="sample-bucket")
  File "/Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/botocore/client.py", line 569, in _api_call
    return self._make_api_call(operation_name, kwargs)
  File "/Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/botocore/client.py", line 1023, in _make_api_call
    raise error_class(parsed_response, operation_name)
botocore.exceptions.ClientError: An error occurred (InvalidToken) when calling the GetBucketEncryption operation: The provided token is malformed or otherwise invalid.

Request without IAM Client

2024-09-14 16:25:04,656 - botocore.hooks - DEBUG - Changing event name from creating-client-class.iot-data to creating-client-class.iot-data-plane
2024-09-14 16:25:04,659 - botocore.hooks - DEBUG - Changing event name from before-call.apigateway to before-call.api-gateway
2024-09-14 16:25:04,660 - botocore.hooks - DEBUG - Changing event name from request-created.machinelearning.Predict to request-created.machine-learning.Predict
2024-09-14 16:25:04,662 - botocore.hooks - DEBUG - Changing event name from before-parameter-build.autoscaling.CreateLaunchConfiguration to before-parameter-build.auto-scaling.CreateLaunchConfiguration
2024-09-14 16:25:04,662 - botocore.hooks - DEBUG - Changing event name from before-parameter-build.route53 to before-parameter-build.route-53
2024-09-14 16:25:04,663 - botocore.hooks - DEBUG - Changing event name from request-created.cloudsearchdomain.Search to request-created.cloudsearch-domain.Search
2024-09-14 16:25:04,665 - botocore.hooks - DEBUG - Changing event name from docs.*.autoscaling.CreateLaunchConfiguration.complete-section to docs.*.auto-scaling.CreateLaunchConfiguration.complete-section
2024-09-14 16:25:04,669 - botocore.hooks - DEBUG - Changing event name from before-parameter-build.logs.CreateExportTask to before-parameter-build.cloudwatch-logs.CreateExportTask
2024-09-14 16:25:04,669 - botocore.hooks - DEBUG - Changing event name from docs.*.logs.CreateExportTask.complete-section to docs.*.cloudwatch-logs.CreateExportTask.complete-section
2024-09-14 16:25:04,669 - botocore.hooks - DEBUG - Changing event name from before-parameter-build.cloudsearchdomain.Search to before-parameter-build.cloudsearch-domain.Search
2024-09-14 16:25:04,670 - botocore.hooks - DEBUG - Changing event name from docs.*.cloudsearchdomain.Search.complete-section to docs.*.cloudsearch-domain.Search.complete-section
2024-09-14 16:25:04,670 - botocore.session - DEBUG - Setting config variable for profile to 'bug2'
2024-09-14 16:25:04,677 - botocore.utils - DEBUG - IMDS ENDPOINT: http://169.254.169.254/
2024-09-14 16:25:04,685 - botocore.credentials - DEBUG - Skipping environment variable credential check because profile name was explicitly set.
2024-09-14 16:25:04,685 - botocore.credentials - DEBUG - Looking for credentials via: assume-role
2024-09-14 16:25:04,685 - botocore.credentials - DEBUG - Looking for credentials via: assume-role-with-web-identity
2024-09-14 16:25:04,685 - botocore.credentials - DEBUG - Looking for credentials via: sso
2024-09-14 16:25:04,686 - botocore.credentials - DEBUG - Looking for credentials via: shared-credentials-file
2024-09-14 16:25:04,686 - botocore.credentials - INFO - Found credentials in shared credentials file: ~/.aws/credentials
2024-09-14 16:25:04,688 - botocore.loaders - DEBUG - Loading JSON file: /Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/botocore/data/endpoints.json
2024-09-14 16:25:04,709 - botocore.loaders - DEBUG - Loading JSON file: /Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/botocore/data/sdk-default-configuration.json
2024-09-14 16:25:04,710 - botocore.hooks - DEBUG - Event choose-service-name: calling handler <function handle_service_name_alias at 0x106ec3670>
2024-09-14 16:25:04,742 - botocore.loaders - DEBUG - Loading JSON file: /Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/botocore/data/s3/2006-03-01/service-2.json.gz
2024-09-14 16:25:04,778 - botocore.loaders - DEBUG - Loading JSON file: /Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/botocore/data/s3/2006-03-01/endpoint-rule-set-1.json.gz
2024-09-14 16:25:04,782 - botocore.loaders - DEBUG - Loading JSON file: /Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/botocore/data/partitions.json
2024-09-14 16:25:04,785 - botocore.hooks - DEBUG - Event creating-client-class.s3: calling handler <function add_generate_presigned_post at 0x106e11d30>
2024-09-14 16:25:04,785 - botocore.hooks - DEBUG - Event creating-client-class.s3: calling handler <function lazy_call.<locals>._handler at 0x106f608b0>
2024-09-14 16:25:04,871 - botocore.hooks - DEBUG - Event creating-client-class.s3: calling handler <function add_generate_presigned_url at 0x106e11af0>
2024-09-14 16:25:04,877 - botocore.configprovider - DEBUG - Looking for endpoint for s3 via: environment_service
2024-09-14 16:25:04,877 - botocore.configprovider - DEBUG - Looking for endpoint for s3 via: environment_global
2024-09-14 16:25:04,896 - botocore.configprovider - DEBUG - Looking for endpoint for s3 via: config_service
2024-09-14 16:25:04,898 - botocore.configprovider - DEBUG - Looking for endpoint for s3 via: config_global
2024-09-14 16:25:04,898 - botocore.configprovider - DEBUG - No configured endpoint found.
2024-09-14 16:25:04,903 - botocore.endpoint - DEBUG - Setting s3 timeout as (60, 60)
2024-09-14 16:25:04,906 - botocore.loaders - DEBUG - Loading JSON file: /Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/botocore/data/_retry.json
2024-09-14 16:25:04,907 - botocore.client - DEBUG - Registering retry handlers for service: s3
2024-09-14 16:25:04,907 - botocore.utils - DEBUG - Registering S3 region redirector handler
2024-09-14 16:25:04,908 - botocore.utils - DEBUG - Registering S3Express Identity Resolver
2024-09-14 16:25:04,908 - botocore.hooks - DEBUG - Event before-parameter-build.s3.GetBucketEncryption: calling handler <function validate_bucket_name at 0x106ededc0>
2024-09-14 16:25:04,908 - botocore.hooks - DEBUG - Event before-parameter-build.s3.GetBucketEncryption: calling handler <function remove_bucket_from_url_paths_from_model at 0x106ee7ca0>
2024-09-14 16:25:04,909 - botocore.hooks - DEBUG - Event before-parameter-build.s3.GetBucketEncryption: calling handler <bound method S3RegionRedirectorv2.annotate_request_context of <botocore.utils.S3RegionRedirectorv2 object at 0x107a394c0>>
2024-09-14 16:25:04,909 - botocore.hooks - DEBUG - Event before-parameter-build.s3.GetBucketEncryption: calling handler <bound method ClientCreator._inject_s3_input_parameters of <botocore.client.ClientCreator object at 0x106fcd160>>
2024-09-14 16:25:04,909 - botocore.hooks - DEBUG - Event before-parameter-build.s3.GetBucketEncryption: calling handler <function generate_idempotent_uuid at 0x106edec10>
2024-09-14 16:25:04,909 - botocore.hooks - DEBUG - Event before-endpoint-resolution.s3: calling handler <function customize_endpoint_resolver_builtins at 0x106ee7e50>
2024-09-14 16:25:04,909 - botocore.hooks - DEBUG - Event before-endpoint-resolution.s3: calling handler <bound method S3RegionRedirectorv2.redirect_from_cache of <botocore.utils.S3RegionRedirectorv2 object at 0x107a394c0>>
2024-09-14 16:25:04,910 - botocore.regions - DEBUG - Calling endpoint provider with parameters: {'Bucket': 'sample-bucket', 'Region': 'ap-east-1', 'UseFIPS': False, 'UseDualStack': False, 'ForcePathStyle': False, 'Accelerate': False, 'UseGlobalEndpoint': False, 'DisableMultiRegionAccessPoints': False, 'UseArnRegion': True, 'UseS3ExpressControlEndpoint': True}
2024-09-14 16:25:04,912 - botocore.regions - DEBUG - Endpoint provider result: https://sample-bucket.s3.ap-east-1.amazonaws.com
2024-09-14 16:25:04,912 - botocore.regions - DEBUG - Selecting from endpoint provider's list of auth schemes: "sigv4". User selected auth scheme is: "None"
2024-09-14 16:25:04,912 - botocore.regions - DEBUG - Selected auth type "v4" as "v4" with signing context params: {'region': 'ap-east-1', 'signing_name': 's3', 'disableDoubleEncoding': True}
2024-09-14 16:25:04,913 - botocore.hooks - DEBUG - Event before-call.s3.GetBucketEncryption: calling handler <function add_expect_header at 0x106ee6160>
2024-09-14 16:25:04,913 - botocore.hooks - DEBUG - Event before-call.s3.GetBucketEncryption: calling handler <bound method S3ExpressIdentityResolver.apply_signing_cache_key of <botocore.utils.S3ExpressIdentityResolver object at 0x107a394f0>>
2024-09-14 16:25:04,913 - botocore.hooks - DEBUG - Event before-call.s3.GetBucketEncryption: calling handler <function add_recursion_detection_header at 0x106ede820>
2024-09-14 16:25:04,913 - botocore.hooks - DEBUG - Event before-call.s3.GetBucketEncryption: calling handler <function inject_api_version_header_if_needed at 0x106ee74c0>
2024-09-14 16:25:04,913 - botocore.endpoint - DEBUG - Making request for OperationModel(name=GetBucketEncryption) with params: {'url_path': '?encryption', 'query_string': {}, 'method': 'GET', 'headers': {'User-Agent': 'Boto3/1.35.14 md/Botocore#1.35.14 ua/2.0 os/macos#23.5.0 md/arch#x86_64 lang/python#3.9.6 md/pyimpl#CPython cfg/retry-mode#legacy Botocore/1.35.14'}, 'body': b'', 'auth_path': '/sample-bucket/', 'url': 'https://sample-bucket.s3.ap-east-1.amazonaws.com/?encryption', 'context': {'client_region': 'ap-east-1', 'client_config': <botocore.config.Config object at 0x1079621c0>, 'has_streaming_input': False, 'auth_type': 'v4', 'unsigned_payload': None, 's3_redirect': {'redirected': False, 'bucket': 'sample-bucket', 'params': {'Bucket': 'sample-bucket'}}, 'input_params': {'Bucket': 'sample-bucket'}, 'signing': {'region': 'ap-east-1', 'signing_name': 's3', 'disableDoubleEncoding': True}, 'endpoint_properties': {'authSchemes': [{'disableDoubleEncoding': True, 'name': 'sigv4', 'signingName': 's3', 'signingRegion': 'ap-east-1'}]}}}
2024-09-14 16:25:04,913 - botocore.hooks - DEBUG - Event request-created.s3.GetBucketEncryption: calling handler <bound method RequestSigner.handler of <botocore.signers.RequestSigner object at 0x10795dd90>>
2024-09-14 16:25:04,913 - botocore.hooks - DEBUG - Event choose-signer.s3.GetBucketEncryption: calling handler <function set_operation_specific_signer at 0x106edea60>
2024-09-14 16:25:04,914 - botocore.hooks - DEBUG - Event before-sign.s3.GetBucketEncryption: calling handler <function remove_arn_from_signing_path at 0x106ee7dc0>
2024-09-14 16:25:04,914 - botocore.hooks - DEBUG - Event before-sign.s3.GetBucketEncryption: calling handler <bound method S3ExpressIdentityResolver.resolve_s3express_identity of <botocore.utils.S3ExpressIdentityResolver object at 0x107a394f0>>
2024-09-14 16:25:04,914 - botocore.hooks - DEBUG - Event choose-service-name: calling handler <function handle_service_name_alias at 0x106ec3670>
2024-09-14 16:25:04,915 - botocore.loaders - DEBUG - Loading JSON file: /Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/botocore/data/sts/2011-06-15/service-2.json.gz
2024-09-14 16:25:04,917 - botocore.loaders - DEBUG - Loading JSON file: /Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/botocore/data/sts/2011-06-15/endpoint-rule-set-1.json.gz
2024-09-14 16:25:04,918 - botocore.hooks - DEBUG - Event creating-client-class.sts: calling handler <function add_generate_presigned_url at 0x106e11af0>
2024-09-14 16:25:04,918 - botocore.configprovider - DEBUG - Looking for endpoint for sts via: environment_service
2024-09-14 16:25:04,918 - botocore.configprovider - DEBUG - Looking for endpoint for sts via: environment_global
2024-09-14 16:25:04,918 - botocore.configprovider - DEBUG - Looking for endpoint for sts via: config_service
2024-09-14 16:25:04,918 - botocore.configprovider - DEBUG - Looking for endpoint for sts via: config_global
2024-09-14 16:25:04,918 - botocore.configprovider - DEBUG - No configured endpoint found.
2024-09-14 16:25:04,921 - botocore.endpoint - DEBUG - Setting sts timeout as (60, 60)
2024-09-14 16:25:04,922 - botocore.client - DEBUG - Registering retry handlers for service: sts
2024-09-14 16:25:04,923 - botocore.hooks - DEBUG - Event before-parameter-build.sts.AssumeRole: calling handler <function generate_idempotent_uuid at 0x106edec10>
2024-09-14 16:25:04,923 - botocore.regions - DEBUG - Calling endpoint provider with parameters: {'Region': 'ap-east-1', 'UseDualStack': False, 'UseFIPS': False, 'UseGlobalEndpoint': False}
2024-09-14 16:25:04,924 - botocore.regions - DEBUG - Endpoint provider result: https://sts.ap-east-1.amazonaws.com
2024-09-14 16:25:04,924 - botocore.hooks - DEBUG - Event before-call.sts.AssumeRole: calling handler <function add_recursion_detection_header at 0x106ede820>
2024-09-14 16:25:04,924 - botocore.hooks - DEBUG - Event before-call.sts.AssumeRole: calling handler <function inject_api_version_header_if_needed at 0x106ee74c0>
2024-09-14 16:25:04,924 - botocore.endpoint - DEBUG - Making request for OperationModel(name=AssumeRole) with params: {'url_path': '/', 'query_string': '', 'method': 'POST', 'headers': {'Content-Type': 'application/x-www-form-urlencoded; charset=utf-8', 'User-Agent': 'Boto3/1.35.14 md/Botocore#1.35.14 ua/2.0 os/macos#23.5.0 md/arch#x86_64 lang/python#3.9.6 md/pyimpl#CPython cfg/retry-mode#legacy Botocore/1.35.14'}, 'body': {'Action': 'AssumeRole', 'Version': '2011-06-15', 'RoleArn': 'arn:aws:iam::000000000000:role/000000000000_readonly', 'RoleSessionName': 'botocore-session-1726298704'}, 'url': 'https://sts.ap-east-1.amazonaws.com/', 'context': {'client_region': 'ap-east-1', 'client_config': <botocore.config.Config object at 0x107a391f0>, 'has_streaming_input': False, 'auth_type': None, 'unsigned_payload': None}}
2024-09-14 16:25:04,925 - botocore.hooks - DEBUG - Event request-created.sts.AssumeRole: calling handler <bound method RequestSigner.handler of <botocore.signers.RequestSigner object at 0x107a392b0>>
2024-09-14 16:25:04,925 - botocore.hooks - DEBUG - Event choose-signer.sts.AssumeRole: calling handler <function set_operation_specific_signer at 0x106edea60>
2024-09-14 16:25:04,926 - botocore.auth - DEBUG - Calculating signature using v4 auth.
2024-09-14 16:25:04,926 - botocore.auth - DEBUG - CanonicalRequest:
POST
/

content-type:application/x-www-form-urlencoded; charset=utf-8
host:sts.ap-east-1.amazonaws.com
x-amz-date:20240914T072504Z

content-type;host;x-amz-date
3a4f30e9bc95a88c366cb6395c704f1fb0923e094856420b7ebfa82029744ac3
2024-09-14 16:25:04,926 - botocore.auth - DEBUG - StringToSign:
AWS4-HMAC-SHA256
20240914T072504Z
20240914/ap-east-1/sts/aws4_request
e12acacd80bc3ad4792ad7aca89fd93739d30f79c3642659703e1693c48fde37
2024-09-14 16:25:04,926 - botocore.auth - DEBUG - Signature:
34e7bfb70313f427655f6d7207b47b374705b10590ca602853d3b968b80d3548
2024-09-14 16:25:04,926 - botocore.hooks - DEBUG - Event request-created.sts.AssumeRole: calling handler <function add_retry_headers at 0x106ee7c10>
2024-09-14 16:25:04,926 - botocore.endpoint - DEBUG - Sending http request: <AWSPreparedRequest stream_output=False, method=POST, url=https://sts.ap-east-1.amazonaws.com/, headers={'Content-Type': b'application/x-www-form-urlencoded; charset=utf-8', 'User-Agent': b'Boto3/1.35.14 md/Botocore#1.35.14 ua/2.0 os/macos#23.5.0 md/arch#x86_64 lang/python#3.9.6 md/pyimpl#CPython cfg/retry-mode#legacy Botocore/1.35.14', 'X-Amz-Date': b'20240914T072504Z', 'Authorization': b'AWS4-HMAC-SHA256 Credential=AKIA3FKRNI2D6RB3F6XS/20240914/ap-east-1/sts/aws4_request, SignedHeaders=content-type;host;x-amz-date, Signature=34e7bfb70313f427655f6d7207b47b374705b10590ca602853d3b968b80d3548', 'amz-sdk-invocation-id': b'72ec493e-907e-45e9-a42e-7887d743bffc', 'amz-sdk-request': b'attempt=1', 'Content-Length': '153'}>
2024-09-14 16:25:04,927 - botocore.httpsession - DEBUG - Certificate path: /Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/certifi/cacert.pem
2024-09-14 16:25:05,205 - botocore.parsers - DEBUG - Response headers: {'x-amzn-RequestId': 'ea0a9c7b-c85e-44f3-a254-3dd579f90040', 'Content-Type': 'text/xml', 'Content-Length': '1518', 'Date': 'Sat, 14 Sep 2024 07:25:04 GMT'}
2024-09-14 16:25:05,206 - botocore.parsers - DEBUG - Response body:
b'<AssumeRoleResponse xmlns="https://sts.amazonaws.com/doc/2011-06-15/">\n  <AssumeRoleResult>\n    <AssumedRoleUser>\n      <AssumedRoleId>AROA3FKXXXXXXMEKZTPL3:botocore-session-1726298704</AssumedRoleId>\n      <Arn>arn:aws:sts::000000000000:assumed-role/readonly/botocore-session-1726298704</Arn>\n    </AssumedRoleUser>\n    <Credentials>\n      <AccessKeyId>ASIA3FKRNIXXXXXXXX</AccessKeyId>\n      <SecretAccessKey>oqW6fwavukRKJJgnaFt/yrEJeVv</SecretAccessKey>\n      <SessionToken>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</SessionToken>\n      <Expiration>2024-09-14T08:25:05Z</Expiration>\n    </Credentials>\n  </AssumeRoleResult>\n  <ResponseMetadata>\n    <RequestId>ea0a9c7b-c85e-44f3-a254-3dd579f90040</RequestId>\n  </ResponseMetadata>\n</AssumeRoleResponse>\n'
2024-09-14 16:25:05,207 - botocore.hooks - DEBUG - Event needs-retry.sts.AssumeRole: calling handler <botocore.retryhandler.RetryHandler object at 0x107a417c0>
2024-09-14 16:25:05,207 - botocore.retryhandler - DEBUG - No retry needed.
2024-09-14 16:25:05,208 - botocore.credentials - DEBUG - Retrieved credentials will expire at: 2024-09-14 08:25:05+00:00
2024-09-14 16:25:05,209 - botocore.auth - DEBUG - Calculating signature using v4 auth.
2024-09-14 16:25:05,209 - botocore.auth - DEBUG - CanonicalRequest:
GET
/
encryption=
host:sample-bucket.s3.ap-east-1.amazonaws.com
x-amz-content-sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
x-amz-date:20240914T072505Z
x-amz-security-token:IQoJb3JpZ2luX2VjEKf//////////wEaCWFwLWVhc3QtMSJGMEQCIEebnyFAF+rhnhYhJA+zox9t9tr3m+XitmMi8lToND3yAiBPJBK4jfqcbS+CZO/UCYQ4WoFqSC62tyIsQxGGB2Ii4yqxAgjR//////////8BEAIaDDc2NzM1OTI3MjU4MyIM1SNJqPUUfuO4JWqgKoUC9whdgxah0nBe23ViIiU0QcOklvfNk9awh9b6qst5H7M0JB1MR5FALcyxNKisKQ9PPdi8snSBJoUKBUqdG0MeKlz9rsaqCqiMgDlBBFAlNOF2vZNhZ10GCU23vz06iIhkgOQlBLvoIKtxVcypyOCUyHAPJQ5nIyM2E8pmuDhANzHfTS6h9/ybNlCGuS8++ozvtRyJqAaxQisL7qSUA7ncpBcbt734akF8t5IE00Ur8RhVjJCbr2Twyf3E40EFLNu/Mu3urOkH0Jmf4YpDncI89ktV1S/gcGOp4ByHUed2iv5BODRzL7YJ+P/FzJ0GtvgDCX8/s4/Cdzxphk2NK2JChTEy4niH4mpQM6uaWS+6pJcLEklrgvT7gT4w8v3shIIlW/BU8iPo9b9++p7peDxd4N0UrwbvhQz9YQIJyZhJa6kpWSIIqQunjfCqrv24WssGxzNuM/O0koOO/uOVOFqScqQwGv/aSzVL2mSJFwwthPdQ5mSL2XT+U=

host;x-amz-content-sha256;x-amz-date;x-amz-security-token
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
2024-09-14 16:25:05,209 - botocore.auth - DEBUG - StringToSign:
AWS4-HMAC-SHA256
20240914T072505Z
20240914/ap-east-1/s3/aws4_request
917637b60a64e9b238ebb635775a657c273328dbdce78ba9fa9513777b5e5072
2024-09-14 16:25:05,209 - botocore.auth - DEBUG - Signature:
38ff91e238973757e20d92125028f807a6fd6fa049e62bd73e3b3ff9123f0197
2024-09-14 16:25:05,209 - botocore.hooks - DEBUG - Event request-created.s3.GetBucketEncryption: calling handler <function add_retry_headers at 0x106ee7c10>
2024-09-14 16:25:05,209 - botocore.endpoint - DEBUG - Sending http request: <AWSPreparedRequest stream_output=False, method=GET, url=https://sample-bucket.s3.ap-east-1.amazonaws.com/?encryption, headers={'User-Agent': b'Boto3/1.35.14 md/Botocore#1.35.14 ua/2.0 os/macos#23.5.0 md/arch#x86_64 lang/python#3.9.6 md/pyimpl#CPython cfg/retry-mode#legacy Botocore/1.35.14', 'X-Amz-Date': b'20240914T072505Z', 'X-Amz-Security-Token': b'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', 'X-Amz-Content-SHA256': b'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855', 'Authorization': b'AWS4-HMAC-SHA256 Credential=ASIA3FKRNI2DU662BO4B/20240914/ap-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-security-token, Signature=38ff91e238973757e20d92125028f807a6fd6fa049e62bd73e3b3ff9123f0197', 'amz-sdk-invocation-id': b'7f8fd059-5e0f-4fb9-8e3d-9534828f914f', 'amz-sdk-request': b'attempt=1'}>
2024-09-14 16:25:05,210 - botocore.httpsession - DEBUG - Certificate path: /Users/user1/.local/share/virtualenvs/src-mIRAKl2p/lib/python3.9/site-packages/certifi/cacert.pem
2024-09-14 16:25:05,517 - botocore.parsers - DEBUG - Response headers: {'x-amz-id-2': '3kGhKxOGyb1a2mF7bS9NcbwSQzLk4PrZSEIhpDjn1QYXvWHc0qnSCuRgtMojf6EicM/GKfEu3iY=', 'x-amz-request-id': 'PZXCZGMDCVABFWXB', 'Date': 'Sat, 14 Sep 2024 07:25:06 GMT', 'Transfer-Encoding': 'chunked', 'Server': 'AmazonS3'}
2024-09-14 16:25:05,517 - botocore.parsers - DEBUG - Response body:
b'<?xml version="1.0" encoding="UTF-8"?>\n<ServerSideEncryptionConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/"><Rule><BucketKeyEnabled>true</BucketKeyEnabled><ApplyServerSideEncryptionByDefault><SSEAlgorithm>AES256</SSEAlgorithm></ApplyServerSideEncryptionByDefault></Rule></ServerSideEncryptionConfiguration>'
2024-09-14 16:25:05,521 - botocore.hooks - DEBUG - Event needs-retry.s3.GetBucketEncryption: calling handler <botocore.retryhandler.RetryHandler object at 0x107a39400>
2024-09-14 16:25:05,521 - botocore.retryhandler - DEBUG - No retry needed.
2024-09-14 16:25:05,521 - botocore.hooks - DEBUG - Event needs-retry.s3.GetBucketEncryption: calling handler <bound method S3RegionRedirectorv2.redirect_from_error of <botocore.utils.S3RegionRedirectorv2 object at 0x107a394c0>>
{'ResponseMetadata': {'RequestId': 'PZXCZGMDCVABFWXB', 'HostId': '3kGhKxOGyb1a2mF7bS9NcbwSQzLk4PrZSEIhpDjn1QYXvWHc0qnSCuRgtMojf6EicM/GKfEu3iY=', 'HTTPStatusCode': 200, 'HTTPHeaders': {'x-amz-id-2': '3kGhKxOGyb1a2mF7bS9NcbwSQzLk4PrZSEIhpDjn1QYXvWHc0qnSCuRgtMojf6EicM/GKfEu3iY=', 'x-amz-request-id': 'PZXCZGMDCVABFWXB', 'date': 'Sat, 14 Sep 2024 07:25:06 GMT', 'transfer-encoding': 'chunked', 'server': 'AmazonS3'}, 'RetryAttempts': 0}, 'ServerSideEncryptionConfiguration': {'Rules': [{'ApplyServerSideEncryptionByDefault': {'SSEAlgorithm': 'AES256'}, 'BucketKeyEnabled': True}]}}
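
botocore's DEBUG output, as in the log above, includes the AssumeRole response body (`SecretAccessKey`, `SessionToken`) and the `x-amz-security-token` header of every signed request, which is why the maintainer asked for sensitive information to be redacted. The filter below is an added example, not part of this thread or of boto3, of scrubbing such a log before posting it; the rule labels, placeholder strings and sample log are constructed for illustration.

```python
import re

# (label, pattern, replacement). Only the secret value is replaced, so the
# log stays readable for whoever triages the issue.
RULES = [
    ("sts-xml-secret",            # AssumeRole response body
     re.compile(r"(<(SecretAccessKey|SessionToken)>).*?(</\2>)", re.S),
     r"\g<1>[REDACTED]\g<3>"),
    ("canonical-request-token",   # header line inside CanonicalRequest
     re.compile(r"^(x-amz-security-token:).+$", re.I | re.M),
     r"\g<1>[REDACTED]"),
    ("header-token",              # AWSPreparedRequest headers dict
     re.compile(r"('X-Amz-Security-Token': b?')[^']*'", re.I),
     r"\g<1>[REDACTED]'"),
    ("access-key-id",             # AKIA = long-term, ASIA = temporary
     re.compile(r"\b(AKIA|ASIA)[A-Z0-9]{12,}\b"),
     r"\g<1>[REDACTED]"),
    ("account-id-in-arn",
     re.compile(r"(arn:aws[\w-]*:(?:iam|sts)::)\d{12}(:)"),
     r"\g<1>[ACCOUNT]\g<2>"),
]

def redact(log_text):
    """Return (redacted_text, {label: replacements_made})."""
    hits = {}
    for label, pattern, repl in RULES:
        log_text, n = pattern.subn(repl, log_text)
        if n:
            hits[label] = n
    return log_text, hits

# Constructed sample in the shape of botocore DEBUG output; all values are fake.
SAMPLE = r"""2024-01-01 00:00:00,000 - botocore.endpoint - DEBUG - Making request for OperationModel(name=AssumeRole) with params: {'body': {'RoleArn': 'arn:aws:iam::123456789012:role/example'}}
2024-01-01 00:00:00,300 - botocore.parsers - DEBUG - Response body:
b'<Credentials>\n<AccessKeyId>ASIAEXAMPLE000000000</AccessKeyId>\n<SecretAccessKey>fake/secret+value</SecretAccessKey>\n<SessionToken>FAKEtoken//abc+def=</SessionToken>\n</Credentials>'
2024-01-01 00:00:00,301 - botocore.auth - DEBUG - CanonicalRequest:
GET
/
encryption=
host:example-bucket.s3.ap-east-1.amazonaws.com
x-amz-security-token:FAKEtoken//abc+def=

host;x-amz-security-token
2024-01-01 00:00:00,302 - botocore.endpoint - DEBUG - Sending http request: <AWSPreparedRequest headers={'X-Amz-Security-Token': b'FAKEtoken//abc+def=', 'Authorization': b'AWS4-HMAC-SHA256 Credential=ASIAEXAMPLE000000000/20240101/ap-east-1/s3/aws4_request'}>
"""

if __name__ == "__main__":
    clean, hits = redact(SAMPLE)
    print(clean)
    print(hits)
```

The endpoint, region and signed-header names are left intact, since those are what a maintainer needs to compare the working and failing runs.
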

adev-code commented 5 days ago

Hi @odgrso, thanks for the logs. Could you try using a new IAM role? Make sure it has the S3 action "s3:GetEncryptionConfiguration" ( https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazons3.html ) added in your policy.

Thank you.

odgrso commented 5 days ago

As you can see from the fact that the following code works fine, the switch role already has the s3:GetEncryptionConfiguration (ReadOnlyAccess). In case you are wondering, I tried to run the code with s3:GetEncryptionConfiguration again, but it did not change.

import boto3

session = boto3.Session(profile_name="test")
s3_client = session.client("s3", region_name="ap-east-1")
response = s3_client.get_bucket_encryption(Bucket="<bucket_name>")
print(response)