grosser
commented
6 years ago might be able to store when the token was created and then just compare time instead of doing extra api calls
Closed chrisroberts closed 6 years ago
grosser
commented
6 years ago might be able to store when the token was created and then just compare time instead of doing extra api calls
chrisroberts
commented
6 years ago Is the error being encountered when setting the aws_sts_role_arn in the .sfn configuration file or is the token information being provided directly in the config?
grosser
commented
6 years ago we only set AWS_ACCESS_KEY_ID / SECRET_ACCESS_KEY it works for ~1 hour and then fails
export AWS_ACCESS_KEY_ID=
export AWS_SECRET_ACCESS_KEY=
export AWS_STS_ROLE_ARN=
[20:58:53] sfn update foo-bar-stack -f sparkleformation/templates/node.rb --defaults --yes
...
[21:58:58] ERROR: Miasma::Error::ApiError::RequestError: Forbidden - ExpiredToken: The security token included in the request is expired
[21:58:58] gems/miasma-0.3.4/lib/miasma/types/api.rb:126:in `block in request'
[21:58:58] gems/bogo-0.2.12/lib/bogo/retry.rb:65:in `run!'
[21:58:58] gems/miasma-0.3.4/lib/miasma/types/api.rb:148:in `retryable_request'
[21:58:58] gems/miasma-0.3.4/lib/miasma/types/api.rb:123:in `request'
[21:58:58] gems/miasma-aws-0.3.16/lib/miasma/contrib/aws/orchestration.rb:550:in `block in resource_all'
[21:58:58] gems/miasma-aws-0.3.16/lib/miasma/contrib/aws.rb:32:in `all_result_pages'
[21:58:58] gems/miasma-aws-0.3.16/lib/miasma/contrib/aws/orchestration.rb:547:in `resource_all'
[21:58:58] gems/miasma-0.3.4/lib/miasma/models/orchestration/resources.rb:47:in `perform_population'
[21:58:58] gems/miasma-0.3.4/lib/miasma/types/collection.rb:21:in `block in all'
Token expiry needs to be checked prior to request and updated if expired or within an define expiry window.
Original issue: miasma-rb/miasma#23