Comments (9)
paws.common 0.5.6 is on its way to the cran. closing this ticket, thanks for raising this and all the help in implementing it :)
from paws.
Hi @jonocarroll, I apologise if I have miss understood anything. Is this asking for a better error message to help debug potential missing credentials i.e.
Sys.setenv(AWS_PROFILE = "not_my_profile")
s3 <- paws::s3()
s3$download_file("some_bucket", "mtcars.csv", tmp)
# Error : Missing credentials from profile `note_my_profile`. Please review you config file....
Or if it listed what is missing? Please correct me if I haven't captured it correctly :)
from paws.
I see that paws.common:::Request()
contains
if (is.null(credentials[[aws_profile]])) {
return(NULL)
}
but this just allows the loop over providers in paws.common:::get_credentials()
to fall through to no_credentials()
paws/paws.common/R/credentials.R
Lines 5 to 19 in 614fc9b
Error in f()
(since it's a do.call(f, as.list(data)[args])
operation) and while the call chain does stop there, it's not clear to a user what has gone wrong or why (or where the error comes from). The approach as it is isn't wrong per-se, but a user setting an invalid profile name will have a hard time understanding this error.
I'd like to suggest that in Request()
(or even earlier in the chain) where is.null(credentials[[aws_profile]])
and the request is not specifically anonymous, that the error be generated with a meaningful message and traceback, perhaps something like
Error: Profile 'not_my_profile' not found in credentials file
Error in read_credentials(): Profile 'not_my_profile' not found
Error: 'not_my_profile' is not a named profile in `~/.aws/credentials`
This is a different error to not setting AWS_PROFILE
at all, finding the profile but not the associated keys or their values, and the credentials themselves being insufficient.
from paws.
Ah I see, we could add more information to the logger so a user could get more information. I will have a little look at this over the next few days :)
from paws.
@jonocarroll Here is an initial implementation for debugging credentials:
remotes::install_github("DyfanJones/paws/paws.common", ref = "cred_logging")
options("paws.log_level" = 3L)
s3 <- paws::s3(list(credentials = list(profile = "dummy")))
s3$list_buckets()
#> INFO [2023-02-22 12:10:52.370]: Profile 'dummy' not found in '/Users/dyfanjones/.aws/credentials'
#> INFO [2023-02-22 12:10:52.381]: Profile 'profile dummy' not found in '/Users/dyfanjones/.aws/config'
#> INFO [2023-02-22 12:10:52.405]: Unable to obtain access_key_id, secret_access_key or session_token
#> INFO [2023-02-22 12:10:52.434]: Unable to obtain iam role
#> Error: No credentials provided
Created on 2023-02-22 with reprex v2.0.2
Please have a go and provide some feedback :)
from paws.
FWIW, I wasn't aware of the paws.log_level
option - perhaps I should have looked for that. This is an improvement and using call. = FALSE
leads to a less obscure message, but in terms of "what does the user do with this info?" I worry that a user who thinks they added credentials (with an invalid profile) still needs more to resolve a fallthrough to "no credentials", keeping in mind that they don't necessarily know that it's a fallthrough.
If intercepting this scenario earlier in the process isn't attractive, could I suggest
stop("No compatible credentials provided. Use `options("paws.log_level" = 3L)` for more info")
since that nicely provides the actionable information.
from paws.
I see what you mean. If users aren't aware of logging option then they might struggle setting up there environment. Made a slight modification to the branch.
remotes::install_github("DyfanJones/paws/paws.common", ref = "cred_logging")
Default error message.
s3 <- paws::s3(list(credentials = list(profile = "dummy")))
s3$list_buckets()
#> Error: No compatible credentials provided. Use `options("paws.log_level" = 3L)` for more information.
Updated error message after log_level has been set to 3L.
options("paws.log_level" = 3L)
s3 <- paws::s3(list(credentials = list(profile = "dummy")))
s3$list_buckets()
#> INFO [2023-02-23 09:56:41.736]: Profile 'dummy' not found in '/Users/dyfanjones/.aws/credentials'
#> INFO [2023-02-23 09:56:41.749]: Profile 'profile dummy' not found in '/Users/dyfanjones/.aws/config'
#> INFO [2023-02-23 09:56:41.767]: Unable to obtain access_key_id, secret_access_key or session_token
#> INFO [2023-02-23 09:56:43.834]: Unable to obtain iam role
#> Error: No compatible credentials provided.
from paws.
I like that; it's actionable and makes it clear what went wrong. Thanks so much!
from paws.
@williazo Thanks for all your help with this. I will push this to the cran next week :) in the mean time it will be accessible through r-universe.
install.packages('paws.common', repos = c('https://paws-r.r-universe.dev', 'https://cloud.r-project.org'))
I will keep this ticket open until the cran release 😄
from paws.
Related Issues (20)
- Missing components from response object for bedrock client HOT 1
- AWS config file doesn't support `endpoint_url` HOT 8
- Can't update lambda function with Ephemeral Stroage HOT 5
- Documentation page taking a long time to load HOT 11
- paws.common 0.7.2 cran release
- paws 0.6.0 cran release
- Update `paws_check_rhub` for rhubv2 HOT 1
- Fix paws.security.identity documentation
- s3$list_object_versions stopped working HOT 31
- Support EKS service accounts. HOT 2
- Potential issue with AWS default S3 region of us-east-1 HOT 11
- credential expiration comes back as numeric Inf (unclassed) HOT 5
- Getting 403 error when trying to access public S3 bucket HOT 3
- is it possible to list delete markers with s3$list_object_versions? HOT 17
- Refresh cached credentials
- paws.common release
- omics service error: could not resolve host HOT 22
- Invalid presigned S3 URL HOT 4
- A few issues with sts_assume_role_with_web_identity HOT 2
- cognitoidentityprovider initiate_auth with "USER_PASSWORD_AUTH" Errors when searching for additional credentials HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from paws.