[Nix-dev] Oddity with Charon and AWS

Eelco Dolstra eelco.dolstra at logicblox.com
Thu Feb 28 13:17:45 CET 2013


Hi,

On 27/02/13 14:41, Luke Vanderhart wrote:

> Today I noticed some strange behavior with the project we're deploying using Charon.
> 
> When I create a new deployment and run `charon deploy` for the first time, I get
> a 403 Forbidden error from Amazon as it tries to create the instances:
> 
> error: EC2ResponseError: 403 Forbidden
> <?xml version="1.0" encoding="UTF-8"?>
> <Response><Errors><Error><Code>UnauthorizedOperation</Code><Message>You are not
> authorized to perform this
> operation.</Message></Error></Errors><RequestID>473fc28f-b05d-4de7-be24-4e383dbabf8f</RequestID></Res
> ponse>
> 
> The really odd thing is that if I run the exactly same `charon deploy` again, it
> works. 

Looks like another timing issue between IAM and EC2 (eventual consistency yay!).
 Charon already retries instance creation if it gets InvalidParameterValue from
EC2, but it looks like we need to retry on UnauthorizedOperation as well...

-- 
Eelco Dolstra | LogicBlox, Inc. | http://nixos.org/~eelco/


More information about the nix-dev mailing list