starred/s3fs-fuse
1
0
Fork 0
mirror of https://github.com/s3fs-fuse/s3fs-fuse.git synced 2026-04-25 13:26:00 +03:00
Code Issues 305 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #387] Why do you need to specify IAM role name? #204

New issue
Closed
opened 2026-03-04 01:43:13 +03:00 by kerem · 4 comments
kerem commented 2026-03-04 01:43:13 +03:00
Owner
Copy link

Originally created by @wimnat on GitHub (Apr 6, 2016).
Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/387

I would like to know why you need to specify IAM role name? When would IAM role specified be different than what can be found out from http://169.254.169.254/latest/meta-data/iam/info?

To maintain backward compatibility, I propose that you should be able to specify an option that reads the IAM role from http://169.254.169.254/latest/meta-data/iam/info and then uses this to authenticate.

My reasoning for this request - I want to add an s3fs mount to my fstab before creating an AMI. The AMI may be started with different iam roles so i don't want to hard code to a particular iam role name.

Originally created by @wimnat on GitHub (Apr 6, 2016). Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/387 I would like to know why you need to specify IAM role name? When would IAM role specified be different than what can be found out from http://169.254.169.254/latest/meta-data/iam/info? To maintain backward compatibility, I propose that you should be able to specify an option that reads the IAM role from http://169.254.169.254/latest/meta-data/iam/info and then uses this to authenticate. My reasoning for this request - I want to add an s3fs mount to my fstab before creating an AMI. The AMI may be started with different iam roles so i don't want to hard code to a particular iam role name.
kerem closed this issue 2026-03-04 01:43:13 +03:00
kerem commented 2026-03-04 01:43:14 +03:00
Author
Owner
Copy link

@ggtakec commented on GitHub (May 6, 2016):

@wimnat I'm sorry for my late reply.

I mered new codes which is changed about iam_role option.

New iam_role option requires the IAM role name or "auto".
If you specify "auto", s3fs will automatically use the IAM role names that are set to an instance.(loading IAM role name from http://169.254.169.254/latest/meta-data/iam/info)
If you specify this option without any argument, it is the same as that you have specified the "auto".

As a result of this change, I think it is what you want.

I closed this issue, but if you found bugs or have requests, please reopen this issue.
Thanks.

<!-- gh-comment-id:217347950 --> @ggtakec commented on GitHub (May 6, 2016): @wimnat I'm sorry for my late reply. I mered new codes which is changed about iam_role option. New iam_role option requires the IAM role name or "auto". If you specify "auto", s3fs will automatically use the IAM role names that are set to an instance.(loading IAM role name from http://169.254.169.254/latest/meta-data/iam/info) If you specify this option without any argument, it is the same as that you have specified the "auto". As a result of this change, I think it is what you want. I closed this issue, but if you found bugs or have requests, please reopen this issue. Thanks.
kerem commented 2026-03-04 01:43:14 +03:00
Author
Owner
Copy link

@vbarba commented on GitHub (May 19, 2016):

Hi,

I think that this is not working propperly:

s3fs bucket-tomount /mnt -o iam_role
s3fs: could not determine how to establish security credentials.

but instance role is ok:

curl http://169.254.169.254/latest/meta-data/iam/info
{
"Code" : "Success",
"LastUpdated" : "2016-05-19T11:42:58Z",
"InstanceProfileArn" : "arn:aws:iam::155XXXXXX:instance-profile/XXXXX",
"InstanceProfileId" : "AIPAIJSXXXXXXV4OJS"
}

Thanks.

<!-- gh-comment-id:220300524 --> @vbarba commented on GitHub (May 19, 2016): Hi, I think that this is not working propperly: s3fs bucket-tomount /mnt -o iam_role s3fs: could not determine how to establish security credentials. but instance role is ok: curl http://169.254.169.254/latest/meta-data/iam/info { "Code" : "Success", "LastUpdated" : "2016-05-19T11:42:58Z", "InstanceProfileArn" : "arn:aws:iam::155XXXXXX:instance-profile/XXXXX", "InstanceProfileId" : "AIPAIJSXXXXXXV4OJS" } Thanks.
kerem commented 2026-03-04 01:43:14 +03:00
Author
Owner
Copy link

@nturner commented on GitHub (May 20, 2016):

I'm seeing the same problem as @vbarba. I filed https://github.com/s3fs-fuse/s3fs-fuse/issues/419 to track this.

<!-- gh-comment-id:220649115 --> @nturner commented on GitHub (May 20, 2016): I'm seeing the same problem as @vbarba. I filed https://github.com/s3fs-fuse/s3fs-fuse/issues/419 to track this.
kerem commented 2026-03-04 01:43:14 +03:00
Author
Owner
Copy link

@ggtakec commented on GitHub (May 29, 2016):

@vbarba I merged @nturner 's patch, please see #421 and use latest codes in master branch.
Regards,

<!-- gh-comment-id:222336097 --> @ggtakec commented on GitHub (May 29, 2016): @vbarba I merged @nturner 's patch, please see #421 and use latest codes in master branch. Regards,
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
v1.97
v1.96
v1.95
v1.94
v1.93
v1.92
v1.91
v1.90
v1.89
v1.88
v1.87
v1.86
v1.85
v1.84
v1.83
v1.82
v1.81
v1.80
v1.79
v1.78
Pre-v1.78
v1.77
v1.76
v1.75
v1.74
Labels
Clear labels   
bug

   
bug

   
dataloss

   
duplicate

   
enhancement

   
feature request

   
help wanted

   
invalid

   
need info

   
performance

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
question

   
testing
No labels
bug
bug
dataloss
duplicate
enhancement
feature request
help wanted
invalid
need info
performance
pull-request
question
question
testing
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/s3fs-fuse#204
No description provided.