deis / postgres

A PostgreSQL database used by Deis Workflow.
https://deis.com
MIT License

S3 object store on aws should not require credentials #92

Closed sstarcher closed 8 years ago

sstarcher commented 8 years ago

accesskey and secretkey should not be required, as aws-sdk, when running on an AWS instance, will pull the credentials from the metadata service.

cat: /var/run/secrets/deis/objectstore/creds/accesskey: No such file or directory
/docker-entrypoint.sh: running /docker-entrypoint-initdb.d/001_setup_envdir.sh

bacongobbler commented 8 years ago

I think there are technical limitations to getting this to work as we need to know more about the host to determine if the database is running on an AWS instance. Any thoughts on how we can determine that in a clean way?

sstarcher commented 8 years ago

I don't think it's necessary to determine if it's an AWS instance. If the values are not required to be set and can be left empty, that should solve the issue.

bacongobbler commented 8 years ago

Good thought, but what about other providers where this information is mandatory? I'd think it'd be better to fail fast on bare metal when an AWS access key is not provided rather than an obscure connection error from boto3.

I think we'd need to look into that first to see if that's an easy enough fix to do.

sstarcher commented 8 years ago

Sure, it depends on at what time you want to catch configuration errors. Currently, with the Deis setup through Helm, I can supply invalid or blank AWS credentials and those are not caught until runtime. The only thing stopping this from functioning as is, is that the code currently errors at runtime if the credentials are empty.

Instead of erroring if the credentials are empty, it could attempt to make an AWS API call to validate that the AWS credential chain has credentials.

Currently if invalid credentials are specified it will just blow through the exists check.

kmala commented 8 years ago

fixed by #117
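
The trade-off discussed in this thread, as an added example that is not code from the issue, from the project, or from the change in #117: a shell function that treats the key files as optional for S3 (so the SDK's default credential chain, including instance metadata, is used) while still failing fast for other backends. The function name, the `OBJECTSTORE_CRED_MODE` variable, the `backend` argument and its values are hypothetical; the `accesskey`/`secretkey` file names come from the issue text.

```shell
#!/bin/sh
# Added example, not the project's 001_setup_envdir.sh.
# resolve_objectstore_creds BACKEND CREDS_DIR   (hypothetical helper)
#   static: both key files present and non-empty; keys are exported.
#   chain : backend is s3 and both keys absent; nothing is exported, so the
#           AWS SDK falls back to its default chain (e.g. instance metadata).
#   Any other combination returns 1 so misconfiguration fails at startup.
resolve_objectstore_creds() {
    backend=$1
    creds_dir=$2
    OBJECTSTORE_CRED_MODE=
    have_access=0
    have_secret=0
    # -s is true only for an existing, non-empty file: a blank key is "absent".
    if [ -s "$creds_dir/accesskey" ]; then have_access=1; fi
    if [ -s "$creds_dir/secretkey" ]; then have_secret=1; fi

    if [ "$have_access" -eq 1 ] && [ "$have_secret" -eq 1 ]; then
        AWS_ACCESS_KEY_ID=$(cat "$creds_dir/accesskey")
        AWS_SECRET_ACCESS_KEY=$(cat "$creds_dir/secretkey")
        export AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY
        OBJECTSTORE_CRED_MODE=static
        return 0
    fi
    if [ "$have_access" -ne "$have_secret" ]; then
        # Half a key pair is never valid, on any provider.
        echo "objectstore: only one of accesskey/secretkey is set" >&2
        return 1
    fi
    if [ "$backend" = "s3" ]; then
        # Clear stale values so the SDK really consults the default chain.
        unset AWS_ACCESS_KEY_ID AWS_SECRET_ACCESS_KEY
        OBJECTSTORE_CRED_MODE=chain
        # An authenticated API call could follow here to confirm the chain
        # yields credentials; omitted so the example runs offline.
        return 0
    fi
    echo "objectstore: backend '$backend' requires accesskey and secretkey" >&2
    return 1
}

# Constructed demo: an empty creds directory with the s3 backend.
demo_dir=$(mktemp -d)
resolve_objectstore_creds s3 "$demo_dir" && echo "mode: $OBJECTSTORE_CRED_MODE"
rm -rf "$demo_dir"
```

Call the function directly rather than inside `$(...)`, otherwise the exported variables are lost with the subshell.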