[Nix-dev] Oddity with Charon and AWS
Jonas Pfenniger (zimbatm)
jonas at pfenniger.name
Fri Mar 1 13:25:12 CET 2013
Also check that your computer clock is in sync. Signature-based auth
generally have a short window of time in which they are valid.
On 28 February 2013 12:17, Eelco Dolstra <eelco.dolstra at logicblox.com>wrote:
> Hi,
>
> On 27/02/13 14:41, Luke Vanderhart wrote:
>
> > Today I noticed some strange behavior with the project we're deploying
> using Charon.
> >
> > When I create a new deployment and run `charon deploy` for the first
> time, I get
> > a 403 Forbidden error from Amazon as it tries to create the instances:
> >
> > error: EC2ResponseError: 403 Forbidden
> > <?xml version="1.0" encoding="UTF-8"?>
> > <Response><Errors><Error><Code>UnauthorizedOperation</Code><Message>You
> are not
> > authorized to perform this
> >
> operation.</Message></Error></Errors><RequestID>473fc28f-b05d-4de7-be24-4e383dbabf8f</RequestID></Res
> > ponse>
> >
> > The really odd thing is that if I run the exactly same `charon deploy`
> again, it
> > works.
>
> Looks like another timing issue between IAM and EC2 (eventual consistency
> yay!).
> Charon already retries instance creation if it gets InvalidParameterValue
> from
> EC2, but it looks like we need to retry on UnauthorizedOperation as well...
>
> --
> Eelco Dolstra | LogicBlox, Inc. | http://nixos.org/~eelco/
> _______________________________________________
> nix-dev mailing list
> nix-dev at lists.science.uu.nl
> http://lists.science.uu.nl/mailman/listinfo/nix-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.science.uu.nl/pipermail/nix-dev/attachments/20130301/f9fc0f12/attachment.html
More information about the nix-dev
mailing list