search

c6fc / npk

A mostly-serverless distributed hash cracking platform
508 stars 59 forks source link

S3 Bucket Specified for CloudFront Logs does not enable ACL access #88

Open austinzwile opened 1 year ago

austinzwile commented 1 year ago

The terraform script runs up until it's done copying the base wordlists into the 

s3://npk-dictionary-west-2-201810290XXXXXXXXXXX0900000002/

S3 bucket. Once that's done, the script fails out with this message:

Error: creating CloudFront Distribution: InvalidArgument: The S3 bucket that you specified for CloudFront logs does not enable ACL access: npk-logs-20230903202909195900000007.s3.amazonaws.com

status code: 400, request id: 800fe108-1ef7-4168-9db1-2780fc02c273

At this point, I'm unsure what's been enabled and what hasn't so I run npm run destroy to make sure there are no instances that are costing me money that I'm unaware of which seemed to run fine and ends with the following success message:

Destroy complete! Resources: 119 destroyed.
[+] Successfully destroyed

To see the full error log related to assigning the ACL to the CloudFront logs, please see the current behavior section which has the full error message/stack trace. I'm available to re-run basically whatever is needed and can provide more details.

I don't know if this is a potential reason, but I just got my service quota increased to:

40 DL Spot Instances
4 G and VT Spot Instance

I'm new to this and may be missing something but I am pretty sure that's all I needed, and that it's also most likely unrelated to the current issue. But I'm just trying to give as much detail as possible.

Here is the full error log that occurred at the point of failure:

null_resource.sync_npkcomponents (local-exec): copy: s3://npk-dictionary-west-2-xxxxxxxxxxxxxxxxxxxxxxxxx/wordlist/acdc.7z to s3://npk-dictionary-us-east-1-xxxxxxxxxxxxxxxxxxxxxxxxxx/wordlist/acdc.7z
null_resource.sync_npkcomponents: Creation complete after 1m23s [id=20042XXXXX9268XXX88]
╷
│ Error: creating CloudFront Distribution: InvalidArgument: The S3 bucket that you specified for CloudFront logs does not enable ACL access: npk-logs-xxxxxxxxxxxxxxxxxxxxxxxxxxxx.s3.amazonaws.com
│       status code: 400, request id: xxxxxxxx-1ef7-xxxx-9db1-xxxxxxxxxxxx
│ 
│   with aws_cloudfront_distribution.npk,
│   on cloudfront.tf.json line 70, in resource.aws_cloudfront_distribution.npk:
│   70:             }
│ 
╵
[!] Terraform apply failed with status code 1

Some IDs have been censored for security purposes, don't want some annoying people leveraging my instances (even though they've been destroyed) somehow.

Thanks for your continued work on this project! I've been trying to get it working for a while now because it looks so cool and me and my team (I work for a pentest practice) have to replace our rig due to new regulations within the company unfortunately and this seems like a great alternative. Let me know your thoughts and if any additional information is needed.

Respectfully, Austin Wile

tobias-rauch commented 6 months ago

Hey there,

having the same issue and also an issue with the lambda function :/ Were you able to somehow resolve it?

BR Tobias

│ Error: creating CloudFront Distribution: InvalidArgument: The S3 bucket that you specified for CloudFront logs does not enable ACL access: npk-logs-xxxxxxxxxxxxxxx.s3.amazonaws.com │ status code: 400, request id: xxxxxxxxxxxxxxx │ │ with aws_cloudfront_distribution.npk, │ on cloudfront.tf.json line 70, in resource.aws_cloudfront_distribution.npk: │ 70: } │ ╵ ╷ │ Error: creating Lambda Function (compression_pipe): operation error Lambda: CreateFunction, https response error StatusCode: 400, RequestID: xxxxxxxxxxxxxxx, InvalidParameterValueException: The runtime parameter of nodejs14.x is no longer supported for creating or updating AWS Lambda functions. We recommend you use the new runtime (nodejs20.x) while creating or updating functions. │ │ with aws_lambda_function.compression_pipe, │ on lambda-compression_pipe.tf.json line 135, in resource.aws_lambda_function.compression_pipe: │ 135: } │ ╵ ╷ │ Error: creating Lambda Function (spot_interrupt_catcher): operation error Lambda: CreateFunction, https response error StatusCode: 400, RequestID: xxxxxxxxxxxxxxx, InvalidParameterValueException: The runtime parameter of nodejs14.x is no longer supported for creating or updating AWS Lambda functions. We recommend you use the new runtime (nodejs20.x) while creating or updating functions. │ │ with aws_lambda_function.spot_interrupt_catcher, │ on lambda-spot_interrupt_catcher.tf.json line 109, in resource.aws_lambda_function.spot_interrupt_catcher: │ 109: } │ ╵ [!] Terraform apply failed with status code 1

tobias-rauch commented 6 months ago

@austinzwile hey there, just fyi, I was able to deploy the dev branch and everything seems to be working there :)

austinzwile commented 6 months ago

Hey Tobias,

Yes I did solve this issue but I don’t recall exactly how. I think I switched to the dev release instead of the stable variant and it fixed it but I’m not sure. I also nuked my AWS account so it was completely fresh.

Also, you’re going to need to request GPU spot instance quota increase in order to have everything work so that’s another lesson I learned the hard way, and AWS doesn’t love giving out the recommended quota. It took several months to get to 16 usable instances.

Best of luck on your journey getting it working! Once it’s up it’s pretty cool but you still have to fight for bids on the spot instances.

On Sun, Feb 25, 2024 at 4:02 AM Tobias Rauch @.***> wrote:

Hey there,

having the same issue and also an issue with the lambda function :/ Were you able to somehow resolve it?

BR Tobias

│ Error: creating CloudFront Distribution: InvalidArgument: The S3 bucket that you specified for CloudFront logs does not enable ACL access: npk-logs-xxxxxxxxxxxxxxx.s3.amazonaws.com │ status code: 400, request id: xxxxxxxxxxxxxxx │ │ with aws_cloudfront_distribution.npk, │ on cloudfront.tf.json line 70, in resource.aws_cloudfront_distribution.npk: │ 70: } │ ╵ ╷ │ Error: creating Lambda Function (compression_pipe): operation error Lambda: CreateFunction, https response error StatusCode: 400, RequestID: xxxxxxxxxxxxxxx, InvalidParameterValueException: The runtime parameter of nodejs14.x is no longer supported for creating or updating AWS Lambda functions. We recommend you use the new runtime (nodejs20.x) while creating or updating functions. │ │ with aws_lambda_function.compression_pipe, │ on lambda-compression_pipe.tf.json line 135, in resource.aws_lambda_function.compression_pipe: │ 135: } │ ╵ ╷ │ Error: creating Lambda Function (spot_interrupt_catcher): operation error Lambda: CreateFunction, https response error StatusCode: 400, RequestID: xxxxxxxxxxxxxxx, InvalidParameterValueException: The runtime parameter of nodejs14.x is no longer supported for creating or updating AWS Lambda functions. We recommend you use the new runtime (nodejs20.x) while creating or updating functions. │ │ with aws_lambda_function.spot_interrupt_catcher, │ on lambda-spot_interrupt_catcher.tf.json line 109, in resource.aws_lambda_function.spot_interrupt_catcher: │ 109: } │ ╵ [!] Terraform apply failed with status code 1

— Reply to this email directly, view it on GitHub https://github.com/c6fc/npk/issues/88#issuecomment-1962863265, or unsubscribe https://github.com/notifications/unsubscribe-auth/AXKSQ25UA2FMU5L5DIPWVYLYVL42VAVCNFSM6AAAAAA4KZQH7GVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTSNRSHA3DGMRWGU . You are receiving this because you authored the thread.Message ID: @.***>