[gdal-dev] errors using IAM instance profile auth in s3
michael.smith.erdc at gmail.com
michael.smith.erdc at gmail.com
Sat Nov 19 06:02:04 PST 2022
Just recently I’m seeing errors using iam profile authentication using /vsis3 drivers in gdal (over multiple versions).
gdalinfo /vsis3/grid-dev-publiclidar/estonia/dtm/estonia-dtm-5m.tif
HTTP: Fetch(http://169.254.169.254/latest/api/token)
HTTP: libcurl/7.86.0 OpenSSL/3.0.7 zlib/1.2.13 libssh2/1.10.0 nghttp2/1.47.0
HTTP: These HTTP headers were set: X-aws-ec2-metadata-token-ttl-seconds: 10
HTTP: Fetch(http://169.254.169.254/latest/meta-data/iam/security-credentials/)
HTTP: Fetch(http://169.254.169.254/latest/meta-data/iam/security-credentials/iam-grid-s3)
AWS: Storing AIM credentials until 2022-11-19T19:39:17Z
gdalinfo failed - unable to open '/vsis3/grid-dev-publiclidar/estonia/dtm/estonia-dtm-5m.tif'.
You can see it fetching the credentials. And if I manually fetch the credentials and set the AWS_ variables (access/secret/session) then it all works
Mike
Michael Smith
US Army Corps RSGIS Center
More information about the gdal-dev
mailing list