Closed
Bug 1047063
Opened 10 years ago
Closed 10 years ago
Need read permissions to subnets
Categories
(Release Engineering :: General, defect)
Release Engineering
General
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: dustin, Assigned: catlee)
References
Details
With both my own and buildduty's AWS credentials: File "/home/dustin/tmp/ve/lib/python2.7/site-packages/boto/vpc/__init__.py", line 1138, in get_all_subnets return self.get_list('DescribeSubnets', params, [('item', Subnet)]) File "/home/dustin/tmp/ve/lib/python2.7/site-packages/boto/connection.py", line 1158, in get_list raise self.ResponseError(response.status, response.reason, body) boto.exception.EC2ResponseError: EC2ResponseError: 401 Unauthorized <?xml version="1.0" encoding="UTF-8"?> <Response><Errors><Error><Code>AuthFailure</Code><Message>AWS was not able to validate the provided access credentials</Message></Error></Errors><RequestID>626a3bda-46e8-41ae-b702-c345ea74eac8</RequestID></Response> I'll need this access for an automated system (firewall-tests), so a role account with this permission (really, read access to everything ec2 and everything vpc). But if that's harder than just adding a permission for my account, that'd be great. This is blocking work on firewall tests.
Reporter | ||
Updated•10 years ago
|
Flags: needinfo?(catlee)
Reporter | ||
Comment 1•10 years ago
|
||
My account has the proper permissions now, which unblocks me, but as we automate this I'll need a role account, too.
Reporter | ||
Comment 2•10 years ago
|
||
I took care of this, creating a 'firewall-tests' user with { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "ec2:DescribeInstances", "ec2:DescribeSubnets", "ec2:DescribeSecurityGroups" ], "Resource": "*" } ] }
Flags: needinfo?(catlee)
Reporter | ||
Updated•10 years ago
|
Status: NEW → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Updated•9 years ago
|
QA Contact: pmoore → mshal
You need to log in
before you can comment on or make changes to this bug.
Description
•