This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2023-11-02
Channels
- # announcements (3)
- # aws (8)
- # babashka (87)
- # babashka-sci-dev (3)
- # beginners (34)
- # calva (35)
- # clerk (2)
- # clj-commons (47)
- # cljdoc (10)
- # cljs-dev (21)
- # clojure (19)
- # clojure-android (1)
- # clojure-austin (2)
- # clojure-europe (30)
- # clojure-nl (1)
- # clojure-norway (67)
- # clojure-uk (9)
- # clojuredesign-podcast (7)
- # clojurescript (24)
- # code-reviews (20)
- # cursive (6)
- # datomic (12)
- # emacs (14)
- # events (1)
- # fulcro (7)
- # gratitude (1)
- # hoplon (8)
- # hyperfiddle (23)
- # juxt (22)
- # meander (11)
- # nyc (3)
- # overtone (2)
- # podcasts-discuss (1)
- # reagent (3)
- # releases (1)
- # sci (27)
- # shadow-cljs (73)
- # squint (4)
- # thejaloniki (3)
- # xtdb (7)
Hi! I’m running on EKS. Isn’t aws-api supposed to just pick up my instance role? Or must I do something special? Amazonica seems to work fine
# Using:
# com.cognitect.aws/api {:mvn/version "0.8.686"}
# com.cognitect.aws/endpoints {:mvn/version "1.1.12.504"}
{
"cognitect.anomalies/category": "cognitect.anomalies/fault",
"cognitect.anomalies/message": "Unable to fetch credentials. See log for more details."
}
(I verified that my instance role is reasonable, by having my Clojure program call IMDSv2)
BTW it printed nothing to the k8s pod’s logs…This sounds like the same issue as https://github.com/cognitect-labs/aws-api/issues/243. tl;dr - aws-api does not (yet) support IMDSv2. If so, then yeah we're aware of it but don't have a timetable on a fix yet. Sorry, I wish I had a better answer for you.
Yeah - not that they're not desired, but we just don't have a policy and process in place currently to accept them. (Personally I hope we change that soon.)
Could I simply create a cognitect.aws.credentials/CredentialsProvider
that handles IMDSv2?
(That’s my understanding of the https://github.com/cognitect-labs/aws-api/blob/main/examples/assume_role_example.clj mentioned in the readme)
> Could I simply create a cognitect.aws.credentials/CredentialsProvider
that handles IMDSv2?
I believe that's what is required, yes.
Hokie dokie, for anyone hit by the aws-api problem under Amazon Linux 2023, here’s a wee workaround: https://github.com/cognitect-labs/aws-api/issues/243#issuecomment-1793615398
Hokie dokie, for anyone hit by the aws-api problem under Amazon Linux 2023, here’s a wee workaround: https://github.com/cognitect-labs/aws-api/issues/243#issuecomment-1793615398