Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Document AWS_SDK_LOAD_CONFIG to load profiles from the shared config #199

Merged
merged 1 commit into from
Sep 28, 2019
Merged

Document AWS_SDK_LOAD_CONFIG to load profiles from the shared config #199

merged 1 commit into from
Sep 28, 2019

Conversation

pdecat
Copy link
Contributor

@pdecat pdecat commented Sep 27, 2019

To get terraformer to work with the AWS profiles I have in my ~/.aws/config file, I had to set the AWS_SDK_LOAD_CONFIG to true.

Without that option, I get the following warning (with a ~25s delay) and nothing is imported:

# terraformer version
Terraformer v0.8.0

# terraformer import aws --resources=route53 --profile=myprofile --regions=eu-west-1
2019/09/27 17:00:01 aws importing region eu-west-1
2019/09/27 17:00:01 aws importing... route53
2019/09/27 17:00:25 NoCredentialProviders: no valid providers in chain. Deprecated.
        For verbose messaging see aws.Config.CredentialsChainVerboseErrors
2019/09/27 17:00:25 [TRACE] GRPCProvider: GetSchema
2019/09/27 17:00:25 [TRACE] GRPCProvider: Configure
2019/09/27 17:00:38 [TRACE] GRPCProvider: GetSchema
2019/09/27 17:00:38 [TRACE] GRPCProvider: GetSchema
2019/09/27 17:00:38 [TRACE] GRPCProvider: Configure
2019/09/27 17:00:50 aws Connecting.... 
2019/09/27 17:00:50 aws save route53
2019/09/27 17:00:50 [DEBUG] New state was assigned lineage "f607c9b7-28e7-961b-65eb-5869e7eae5b1"
2019/09/27 17:00:50 aws save tfstate for route53

This happens because the SharedConfigState is set to session.SharedConfigStateFromEnv (https://github.com/GoogleCloudPlatform/terraformer/blob/0.8/providers/aws/aws_service.go#L34), which makes session.NewSessionWithOptions() rely on that environment variable (https://github.com/aws/aws-sdk-go/blob/v1.22.0/aws/session/session.go#L251).

Adding the following trace emphasizes the issue:

diff --git a/providers/aws/aws_service.go b/providers/aws/aws_service.go
index 0e60673..8cbe598 100644
--- a/providers/aws/aws_service.go
+++ b/providers/aws/aws_service.go
@@ -15,6 +15,7 @@
 package aws

 import (
+       "log"
        "os"

        "github.com/GoogleCloudPlatform/terraformer/terraform_utils"
@@ -39,5 +40,7 @@ func (s *AWSService) generateSession() *session.Session {
        os.Setenv("AWS_SECRET_ACCESS_KEY", creds.SecretAccessKey)
        os.Setenv("AWS_SESSION_TOKEN", creds.SessionToken)

+       log.Printf("[TRACE] generateSession: %v", creds)
+
        return sess
 }

# terraformer import aws --resources=route53 --profile myprofile --regions=eu-west-1                                                                                           
2019/09/27 17:08:46 aws importing region eu-west-1
2019/09/27 17:08:46 aws importing... route53
2019/09/27 17:08:58 [TRACE] generateSession: {   }
2019/09/27 17:09:10 NoCredentialProviders: no valid providers in chain. Deprecated.
        For verbose messaging see aws.Config.CredentialsChainVerboseErrors
2019/09/27 17:09:10 [TRACE] GRPCProvider: GetSchema
2019/09/27 17:09:10 [TRACE] GRPCProvider: Configure
2019/09/27 17:09:22 [TRACE] GRPCProvider: GetSchema
2019/09/27 17:09:23 [TRACE] GRPCProvider: GetSchema
2019/09/27 17:09:23 [TRACE] GRPCProvider: Configure
2019/09/27 17:09:35 aws Connecting....
2019/09/27 17:09:35 aws save route53
2019/09/27 17:09:35 [DEBUG] New state was assigned lineage "f90f6697-b18b-3fcd-5b38-61b7ce0e8e66"                                                                                       
2019/09/27 17:09:35 aws save tfstate for route53

With AWS_SDK_LOAD_CONFIG=true:

AWS_SDK_LOAD_CONFIG=true terraformer import aws --resources=route53 --profile=myprofile --regions=eu-west-1                                                                   
2019/09/27 17:10:52 aws importing region eu-west-1                                                                                                                                       
2019/09/27 17:10:52 aws importing... route53                                                                                                                                             
2019/09/27 17:10:53 [TRACE] generateSession: {ASIA******, cWLD******=, AssumeRoleProvider}
2019/09/27 17:10:54 [TRACE] GRPCProvider: GetSchema                                                                                                                                      
2019/09/27 17:10:54 [TRACE] GRPCProvider: Configure                                                                                                                                      
2019/09/27 17:10:57 [TRACE] GRPCProvider: GetSchema                                                                                                                                      
2019/09/27 17:10:57 [TRACE] GRPCProvider: GetSchema                                                                                                                                      
2019/09/27 17:10:57 [TRACE] GRPCProvider: Configure                                                                                                                                      
2019/09/27 17:10:59 Refreshing state... aws_route53_record.Z******-mydomain--_SOA_                                                               
...
2019/09/27 17:11:01 [TRACE] GRPCProvider: GetSchema
2019/09/27 17:11:01 [TRACE] GRPCProvider: ReadResource
2019/09/27 17:11:05 aws Connecting....
2019/09/27 17:11:05 aws save route53
2019/09/27 17:11:05 [DEBUG] New state was assigned lineage "6ae3cbde-0d88-adaa-b9c1-5aa5c3afb7e9"                                                                                       
2019/09/27 17:11:05 aws save tfstate for route53

@pdecat
Copy link
Contributor Author

pdecat commented Sep 27, 2019

Related to this change: https://github.com/GoogleCloudPlatform/terraformer/pull/189/files#diff-3046e9e793fb016d4d6e2f5804fec0a2R34

@pdecat pdecat mentioned this pull request Sep 27, 2019
Merged
@meshuga
Copy link
Contributor

meshuga commented Sep 27, 2019

Thanks for that docs! I suspect explicit configuration of that parameter previously was the cause of #188, so enforcing the standard env variable is the best we can do in here.

@meshuga meshuga mentioned this pull request Sep 28, 2019
Merged
@sergeylanzman sergeylanzman merged commit 7033ade into GoogleCloudPlatform:master Sep 28, 2019
@pdecat pdecat deleted the doc_aws_shared_config branch September 28, 2019 21:52
bigpapabear805
bigpapabear805 reviewed Dec 11, 2020
View reviewed changes
Copy link

@bigpapabear805 bigpapabear805 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bhh

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bigpapabear805 bigpapabear805 bigpapabear805 left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@pdecat @meshuga @bigpapabear805 @sergeylanzman