[PR #1987/0ced1a53 backport][stable-8] Use HeadBucket instead of GetBucketLocation (#1979) #2215
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
SUMMARY Replacing the call to get_bucket_location with a call to head_bucket in Connection._get_bucket_endpoint(). The GetBucketLocation API call only works from the bucket owner account. This enables using a bucket owned by another accout, e.g. a shared organization bucket when running cross-account. Fixes #1979. ISSUE TYPE Bugfix Pull Request COMPONENT NAME aws_ssm ADDITIONAL INFORMATION The official documentation for the GetBucketLocation API call states it is only supported for backwards compatibility and recomends using HeadBucket instead. # Before change PLAY [Minimal playbook] ******************************************************** TASK [Gathering Facts] ********************************************************* An exception occurred during task execution. To see the full traceback, use -vvv. The error was: botocore.exceptions.ClientError: An error occurred (AccessDenied) when calling the GetBucketLocation operation: Access Denied fatal: [i-00a8cb5930bd5f7dc]: FAILED! => {"msg": "Unexpected failure during module execution: An error occurred (AccessDenied) when calling the GetBucketLocation operation: Access Denied", "stdout": ""} PLAY RECAP ********************************************************************* i-00a8cb5930bd5f7dc : ok=0 changed=0 unreachable=0 failed=1 skipped=0 rescued=0 ignored=0 # After change PLAY [Minimal playbook] ******************************************************** TASK [Gathering Facts] ********************************************************* Warning: : Platform linux on host i-00a8cb5930bd5f7dc is using the discovered Python interpreter at /usr/libexec/platform-python, but future installation of another Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible- core/2.15/reference_appendices/interpreter_discovery.html for more information. ok: [i-00a8cb5930bd5f7dc] TASK [Ping] ******************************************************************** ok: [i-00a8cb5930bd5f7dc] PLAY RECAP ********************************************************************* i-00a8cb5930bd5f7dc : ok=2 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 Reviewed-by: Markus Bergholz <git@osuv.de> Reviewed-by: Alina Buzachis Reviewed-by: fabiolafm Reviewed-by: Bikouo Aubin (cherry picked from commit 0ced1a5)
|
Build failed. ✔️ ansible-galaxy-importer SUCCESS in 3m 46s (non-voting) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is a backport of PR #1987 as merged into main (0ced1a5).
SUMMARY
Replacing the call to get_bucket_location with a call to head_bucket in Connection._get_bucket_endpoint().
The GetBucketLocation API call only works from the bucket owner account. This enables using a bucket owned by another accout, e.g. a shared organization bucket when running cross-account.
Fixes #1979.
ISSUE TYPE
COMPONENT NAME
aws_ssm
ADDITIONAL INFORMATION
The official documentation for the GetBucketLocation API call states it is only supported for backwards compatibility and recomends using HeadBucket instead.