Print the profile being used before attempting to authenticate #56
Comments
|
Sidebar, the reason I was doing the debugging is Comcast DNS servers we timing out on certain AWS domain names (but not others). So, eksctl didn't work, but I could reach other k8s clusters on aws and gke (but my Plume wifi devices, which dial home to an AWS domain, had been offline for a week for the same reason). So, if you get an error like "dialout i/o timeout" it may be DNS timing out. Not sure if this is worth highlighting in a separate ticket, as a user-aide error message. |
Typica with Go, I get these from |
|
Turns out this is pretty complicated, the SDK has a lot of logic to deal with different configuration modes, however there is no way to obtain profile being used. We can get credentials struct, but it doesn't have profile in it as such. Also, there is a mode where profile isn't even set, i.e. you just have credentials set as environment variables and no I think the most sensible way would be to expose a flag that would let you set profile explicitly to avoid any doubts about environment variables or anything else. |
|
Maybe we could print a sanitised credentials struct, e.g.: |
|
I would probably skip showing secret stuff (SecretAccessKey, SessionToken), even in an elided format. Otherwise, LGTM. |
|
We have |
Add README for CSI driver example
As I was trying to use eksctl, I spent a lot of time debugging whether or not it understood which profile to use mostly by digging through the source code. I was using .aws/credentials + AWS_PROFILE env var. Turns out, it does.
It would be very helpful, given this is meant to be a "guided experience" tool, if it just popped out a message when it started up telling you which profile it is trying to use, ala:
[x] Using aws profile: my-mfa-profileThe text was updated successfully, but these errors were encountered: