[GH-ISSUE #448] s3fs 1.79 iam_role problem #243

New issue

Closed

opened 2026-03-04 01:43:36 +03:00 by kerem · 1 comment

kerem commented

2026-03-04 01:43:36 +03:00

Owner

Originally created by @ngbranitsky on GitHub (Jul 12, 2016).
Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/448

I've always used the passwd_file= option without problem.
Not wanting to have the passwd_file visible as plain text, I started creating roles like
"S3FS-client" and assigned them to my EC2 instances on creation.
I was then able to substitute the passwd_file= option with iam_role=S3FS-clientname.
It worked correctly.
Now I've launched a new series of servers in Oregon (us-west-2) and the iam_role option doesn't work.

# curl -sL -w '\n%{http_code}\n' http://169.254.169.254/latest/meta-data/iam/security-credentials/S3FS-client
{
  "Code" : "Success",
  "LastUpdated" : "2016-07-11T16:41:18Z",
  "Type" : "AWS-HMAC",
  "AccessKeyId" : "ASIAXXXXXXXXXXXX7MDQ",
  "SecretAccessKey" : "yAFlXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX2Xf9",
  "Token" : "FQoDYXdzEDIaDFRsXerZpWxO9r4LnCKcAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX0Ababgft2wospiPvAU=",
  "Expiration" : "2016-07-11T23:09:49Z"
}
200
# /usr/bin/s3fs hhsomhadr:/logs /mnt/logs -o nonempty,allow_other,uid=306,gid=306,iam_role=S3FS-client
s3fs: unable to access MOUNTPOINT /mnt/logs: Transport endpoint is not connected

Adding "endpoint=us-west-2" to the option list makes no difference.
(All my other instances where iam_role= works correctly, are in us-east-1. But IAM has no Regions.)
Replacing the iam_role= option with the passwd_file= option successfully mounts the S3 folder.

Originally created by @ngbranitsky on GitHub (Jul 12, 2016). Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/448 I've always used the passwd_file= option without problem. Not wanting to have the passwd_file visible as plain text, I started creating roles like "S3FS-client" and assigned them to my EC2 instances on creation. I was then able to substitute the passwd_file= option with iam_role=S3FS-clientname. It worked correctly. Now I've launched a new series of servers in Oregon (us-west-2) and the iam_role option doesn't work. ``` # curl -sL -w '\n%{http_code}\n' http://169.254.169.254/latest/meta-data/iam/security-credentials/S3FS-client { "Code" : "Success", "LastUpdated" : "2016-07-11T16:41:18Z", "Type" : "AWS-HMAC", "AccessKeyId" : "ASIAXXXXXXXXXXXX7MDQ", "SecretAccessKey" : "yAFlXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX2Xf9", "Token" : "FQoDYXdzEDIaDFRsXerZpWxO9r4LnCKcAXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX0Ababgft2wospiPvAU=", "Expiration" : "2016-07-11T23:09:49Z" } 200 # /usr/bin/s3fs hhsomhadr:/logs /mnt/logs -o nonempty,allow_other,uid=306,gid=306,iam_role=S3FS-client s3fs: unable to access MOUNTPOINT /mnt/logs: Transport endpoint is not connected ``` Adding "endpoint=us-west-2" to the option list makes no difference. (All my other instances where iam_role= works correctly, are in us-east-1. But IAM has no Regions.) Replacing the iam_role= option with the passwd_file= option successfully mounts the S3 folder.

kerem closed this issue

2026-03-04 01:43:37 +03:00

kerem commented

2026-03-04 01:43:38 +03:00

Author

Owner

@ggtakec commented on GitHub (Mar 30, 2019):

We kept this issue open for a long time.

Is this problem continuing?

We launch new version 1.86, which fixed some problem(bugs).
Please use the latest version.
I will close this, but if the problem persists, please reopen or post a new issue.

If you encounter problems with s3fs as well, try using the dbglevel`` -d curldbg or similar option to print out the log.
It contains information for the solution.

@ggtakec commented on GitHub (Mar 30, 2019): We kept this issue open for a long time. Is this problem continuing? We launch new version 1.86, which fixed some problem(bugs). Please use the latest version. I will close this, but if the problem persists, please reopen or post a new issue. If you encounter problems with s3fs as well, try using the `dbglevel`` -d` `curldbg` or similar option to print out the log. It contains information for the solution.

kerem referenced this issue

2026-03-04 01:53:51 +03:00

[PR #243] [MERGED] Run cppcheck during Travis builds #1417