Chef on AWS - ERROR: Fog::Compute::AWS::Error: AuthFailure - amazon-web-services

Chef Workstation and Server is setup on AWS as follows:
Chef Development Kit Version: 0.10.0,
Chef-server 12.2,
chef-client version: 12.5
This setup has been working for around an year.
Today, got following error when creating ec2 instance by executing'knife ec2 server create' command on chef-workstation.
ERROR: Fog::Compute::AWS::Error: AuthFailure => AWS was not able to validate the provided access credentials
There is no change in aws auth keys or file permissions. I'm not able to understand why this error all of sudden?
Thanks for any pointers.

Related

AWS Replication Agent installation failed

I'm trying to install AWS Replication Agent on ubuntu20 server. As per document, I have created IAM user with below AWS managed policy.
AWSElasticDisasterRecoveryAgentInstallationPolicy
AWSElasticDisasterRecoveryAgentPolicy
When i tried to install agent on ubuntu20 server, I received Unexpected error and Installation failed even i attached Administrator full access policy.
Unexpected Error
Installation failed.
Learn more about installation issues in our documentation at
https://docs.aws.amazon.com/drs/latest/userguide/Troubleshooting-Agent-Issues.html
Can any one please let me know why I'm getting this error?

AWS CLI Unable to Create RDS Instance

I am following an AWS lambda tutorial https://docs.aws.amazon.com/lambda/latest/dg/vpc-rds-create-rds-mysql.html and the first step is to create an RDS instance via the CLI but I am getting the following error...
Invalid endpoint: https://rds.us-east-2.amazonaws.com
I've tried specifying a couple other parameters such as --availability-zone, -vpc-security-group-ids, etc but it still is saying the endpoint doesn't exist?
Make sure you have the latest version of the AWS CLI tool installed. It sounds like you have an older version before us-east-2 was added. You can check the version you have installed by running aws --version.

aws kops create cluster errors out as InvalidClientTokenId

I am actually trying to deploy my application using Kubernetes in the AWS Kops. For this i followed the steps given in the AWS workshop tutorial.
https://github.com/aws-samples/aws-workshop-for-kubernetes/tree/master/01-path-basics/101-start-here
I created a AWS Cloud9 environment by logging in as a IAM user and installed kops and other required software's as well. When i try to create the cluster using the following command
kops create cluster --name cs.cluster.k8s.local --zones $AWS_AVAILABILITY_ZONES
--yes
i get an error like below in the cloud9 IDE
error running tasks: deadline exceeded executing task IAMRole/nodes.cs.cluster.k8s.local. Example error: error creating IAMRole: InvalidClientTokenId: The security token included in the request is invalid
status code: 403, request id: 30fe2a97-0fc4-11e8-8c48-0f8441e73bc3
I am not able to find a way to solve this issue. Any help on this would be appreciable.
I found the issue and fixed it. Actually
I did not export the following 2 environment variables in the terminal where I am running create cluster. These 2 below variables are required while creating a cluster using kops
export AWS_ACCESS_KEY_ID=$(aws configure get aws_access_key_id)
export AWS_SECRET_ACCESS_KEY=$(aws configure get aws_secret_access_key)

Jenkins on AWS EC2 instance unable to use instance profile after upgrade

I had a Jenkins 2.46 installation running on an EC2 box, associated to a IAM role through an instance profile.
Jenkins was able to do various tasks requiring AWS credentials (f.e. use terraform, upload files to s3, access CodeCommit git repos) using just the instance profile role (no access key or secret keys were stored on the instance).
After upgrading to Jenkins 2.89, this is no longer the case: every task requiring authentication with AWS fails with a 403 error.
However, running a command on the instance bash as the jenkins user still works fine (f.e. running sudo -u jenkins /usr/bin/aws s3 ls s3://my-bucket/ lists bucket files; running the same command into Jenkins' Script Console yelds a 403).
I read the release notes of every version from 2.46 to 2.89 but I did not find anything relevant.
Jenkins was installed and updated through yum, the aws cli was installed using the bundled installer provided by AWS.

AWS plugin on Jenkins

I'm trying to use Jenkins as a build server hosted on aws. For that I have an EC2 instance with Jenkins up and running. I installed the AWS EC2 plugin but when I try to configure it (by going to jenkins -> configure system -> add cloud -> aws) I get the following error:
Stack trace
com.amazonaws.SdkClientException: Unable to load AWS credentials from any provider in the chain
at com.amazonaws.auth.AWSCredentialsProviderChain.getCredentials(AWSCredentialsProviderChain.java:131)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.getCredentialsFromContext(AmazonHttpClient.java:
I can't even fill in the AWS credentials.
Anybody have any thoughts on this?
some people have worked around this error by not ticking the "IAM Role" checkbox when configuring AWS.
see open jenkins issue: S3 plugin - Unable to load AWS credentials from any provider in the chain
see also stackoverflow question: Unable to load AWS credentials from any provider in the chain - Jenkins & AWS codepipeline