Using config/credential profiles with chef-provisioning-aws

Hi,

Is there a way to tell chef-provisioning-aws driver to use a profile rather
than the default from config/credentials files? I tried

with_driver aws:test1

where test1 is my profile, but that didn’t work.

Regards,
Christine

I am using environmental variables and when I specify CHEF_DRIVER=aws:test1 it uses my profile - does that work for you? If so, I'm guessing it is a bug with with_driver.

What version of chef-provisioning-aws are you using? The ChefDK?

-T

On Jan 29, 2015, at 1:39 PM, Christine Draper christine_draper@thirdwaveinsights.com wrote:

Hi,

Is there a way to tell chef-provisioning-aws driver to use a profile rather than the default from config/credentials files? I tried

with_driver aws:test1

where test1 is my profile, but that didn't work.

Regards,
Christine

This is not working on Master with chef-provisioning-aws last I checked.
You will need to clone down this branch to get that to work...

https://github.com/chef/chef-provisioning-aws/tree/profile_things

--

Scott Ford

Looks like the functionality was added to master here:

and it's in the latest version.

On Thu, Jan 29, 2015 at 5:27 PM, Scott Ford fords@getchef.com wrote:

This is not working on Master with chef-provisioning-aws last I checked.
You will need to clone down this branch to get that to work...

https://github.com/chef/chef-provisioning-aws/tree/profile_things

Hmm.. I must be doing something stupid somewhere. Doesn't work for me with
the env variable either.

I've tried with both the 0.1.3 version that's in ChefDK 0.3.6, and with
0.2.1 (because I needed subnets).

On Thu, Jan 29, 2015 at 4:20 PM, Tyler Ball tball@chef.io wrote:

I am using environmental variables and when I specify
CHEF_DRIVER=aws:test1 it uses my profile - does that work for you? If so,
I'm guessing it is a bug with with_driver.

What version of chef-provisioning-aws are you using? The ChefDK?

-T

It seems that there may be a bug in the profile support. Whatever profile
name I put in to the driver, it appears to be running with the credentials
of the first profile in the file.

On Thu, Jan 29, 2015 at 4:42 PM, Christine Draper <
christine_draper@thirdwaveinsights.com> wrote:

Hmm.. I must be doing something stupid somewhere. Doesn't work for me with
the env variable either.

I've tried with both the 0.1.3 version that's in ChefDK 0.3.6, and with
0.2.1 (because I needed subnets).

Possibly stupid question: do the profiles other than the default one
start with 'profile' (e.g. '[profile test1]') in the credentials file
(the AWS credentials file is weird in that the default profile is just
[default], but others are [profile profilename])? Also, do your
alternate profiles work with the aws command line tools and the
--profile option or other non-chef-provisioning tools?

On Thu, Jan 29, 2015 at 10:21 PM, Christine Draper
christine_draper@thirdwaveinsights.com wrote:

It seems that there may be a bug in the profile support. Whatever profile
name I put in to the driver, it appears to be running with the credentials
of the first profile in the file.

Hi,

There are no stupid questions. I am a relative AWS API and
chef-provisioning newbie, and quite willing to believe it's my configuration
problem!

I have [profile profilename] in .config, but I am using .credentials for
the keys where I understand the format is just [profilename] (the aws
commands don't work if I use [profile profilename] in .credentials). I
have verified that I can create a vpc using --profile with aws ec2
create_vpc (and it fails when I don't use --profile, as the default
credentials don't have authority).

I've also tried moving the credentials into .config, but that doesn't
help.

The most alarming behaviour is if I have no default in credentials, and put
the authorized user's credentials first, that's what it uses.

Regards,
Christine

On Fri, Jan 30, 2015 at 9:59 AM, Mark Harrison mharrison@chef.io wrote:

Possibly stupid question: do the profiles other than the default one
start with 'profile' (e.g. '[profile test1]') in the credentials file
(the AWS credentials file is weird in that the default profile is just
[default], but others are [profile profilename])? Also, do your
alternate profiles work with the aws command line tools and the
--profile option or other non-chef-provisioning tools?

Interesting. You're right about it being just profilename in the
credentials file vs config (today I learned...), and as far as I can
see in the code
(https://github.com/chef/chef-provisioning-aws/blob/master/lib/chef/provisioning/aws_driver/credentials.rb#L37)
it does treat them correctly.

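I think the behavior you're seeing about it picking the first set of
credentials if there is no default is caused by this:

https://github.com/chef/chef-provisioning-aws/blob/master/lib/chef/provisioning/aws_driver/credentials.rb#L22

but that's still implying that it isn't picking up your profilename.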

Hopefully someone smarter than me can work out why that's happening.

On Fri, Jan 30, 2015 at 12:41 PM, Christine Draper
christine_draper@thirdwaveinsights.com wrote:

Hi,

There are no stupid questions. I am a relative AWS API and chef-provisioning
newbie, and quite willing to believe it's my configuration problem!

I have [profile profilename] in .config, but I am using .credentials for the
keys where I understand the format is just [profilename] (the aws commands
don't work if I use [profile profilename] in .credentials). I have verified
that I can create a vpc using --profile with aws ec2 create_vpc (and it
fails when I don't use --profile, as the default credentials don't have
authority).

I've also tried moving the credentials into .config, but that doesn't help.

The most alarming behaviour is if I have no default in credentials, and put
the authorized user's credentials first, that's what it uses.

Regards,
Christine

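My ruby's so-so, but doesn't:

https://github.com/chef/chef-provisioning-aws/blob/master/lib/chef/provisioning/aws_driver/credentials.rb#L49

mean it's only looking for "profile profilename" or "default"?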

I may try putting credentials back in .config - seems like that should
work. Maybe I did something wrong last time I tried that.

Christine

On Fri, Jan 30, 2015 at 12:42 PM, Mark Harrison mharrison@chef.io wrote:

Interesting. You're right about it being just profilename in the
credentials file vs config (today I learned...), and as far as I can
see in the code
(https://github.com/chef/chef-provisioning-aws/blob/master/lib/chef/provisioning/aws_driver/credentials.rb#L37)
it does treat them correctly.

I think the behavior you're seeing about it picking the first set of
credentials if there is no default is caused by this:

https://github.com/chef/chef-provisioning-aws/blob/master/lib/chef/provisioning/aws_driver/credentials.rb#L22

but that's still implying that it isn't picking up your profilename.

Hopefully someone smarter than me can work out why that's happening.

Yes. However, there's another method below that one,
load_credentials_ini, that loads from ~/.aws/credentials, and that
appears to be looking for [profilename] directly. The load_inis method
(called by the load_default method towards the bottom) loads both the
contents of ~/.aws/config and ~/.aws/credentials using the two
load_config_ini and load_credentials_ini files, and then merges the
results.

On Fri, Jan 30, 2015 at 2:47 PM, Christine Draper
christine_draper@thirdwaveinsights.com wrote:

My ruby's so-so, but doesn't:

https://github.com/chef/chef-provisioning-aws/blob/master/lib/chef/provisioning/aws_driver/credentials.rb#L49

mean it's only looking for "profile profilename" or "default"?

I may try putting credentials back in .config - seems like that should work.
Maybe I did something wrong last time I tried that.

Christine

Mystery partly solved. It seems to be specifically to do with the aws_vpc
resource (possibly with all of the aws-specific resources). It works OK for
machine. I stuck a breakpoint in aws_driver/driver and discovered the
relevant profile code gets called for machine but not for aws_vpc. I think
I've got as far as I could on this... hopefully it's OK if I raise a bug.

Christine

On Fri, Jan 30, 2015 at 1:58 PM, Mark Harrison mharrison@chef.io wrote:

Yes. However, there's another method below that one,
load_credentials_ini, that loads from ~/.aws/credentials, and that
appears to be looking for [profilename] directly. The load_inis method
(called by the load_default method towards the bottom) loads both the
contents of ~/.aws/config and ~/.aws/credentials using the two
load_config_ini and load_credentials_ini files, and then merges the
results.

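
The section naming discussed in this thread ([profile NAME] in the config file, bare [NAME] in the credentials file, both merged) and the reported fallback to the first profile in the file, shown as an added Ruby example. This is not chef-provisioning-aws code: the function names, the lenient fallback logic and the sample file contents are constructed assumptions used to contrast that behaviour with a lookup that fails closed.

```ruby
# Added example, not chef-provisioning-aws code; every name here is hypothetical.

# Minimal INI reader: { "section" => { "key" => "value" } }, file order preserved.
def parse_ini(text)
  sections = {}
  current = nil
  text.each_line do |raw|
    line = raw.strip
    next if line.empty? || line.start_with?('#', ';')
    if (m = line.match(/\A\[(.+)\]\z/))
      current = (sections[m[1].strip] ||= {})
    elsif current && (m = line.match(/\A([^=]+)=(.*)\z/))
      current[m[1].strip] = m[2].strip
    end
  end
  sections
end

# ~/.aws/config uses "[default]" and "[profile NAME]" section headers.
def profiles_from_config(text)
  parse_ini(text).each_with_object({}) do |(section, values), out|
    if section == 'default'
      out['default'] = values
    elsif (m = section.match(/\Aprofile\s+(\S+)\z/))
      out[m[1]] = values
    end
  end
end

# ~/.aws/credentials uses "[default]" and bare "[NAME]" headers. Both files are
# merged per profile, with keys from the credentials file winning.
def merge_profiles(config_text, credentials_text)
  merged = profiles_from_config(config_text)
  parse_ini(credentials_text).each do |name, values|
    merged[name] = (merged[name] || {}).merge(values)
  end
  merged
end

# Lenient lookup (assumed logic, modelling the behaviour reported in the thread):
# an unknown name silently becomes "default", then the first profile in the file.
def resolve_lenient(profiles, requested)
  profiles[requested] || profiles['default'] || profiles.values.first
end

# Strict lookup: fail closed when the requested profile or its keys are absent,
# so a typo or a lost profile name never runs with another identity.
def resolve_strict(profiles, requested)
  profile = profiles.fetch(requested) do
    raise KeyError, "AWS profile #{requested.inspect} not found " \
                    "(available: #{profiles.keys.join(', ')})"
  end
  missing = %w[aws_access_key_id aws_secret_access_key].reject { |k| profile.key?(k) }
  raise KeyError, "profile #{requested.inspect} lacks #{missing.join(', ')}" unless missing.empty?
  profile
end

# Constructed sample files: no [default], privileged profile listed first.
SAMPLE_CONFIG = <<~INI
  [profile admin]
  region = us-east-1
  [profile test1]
  region = us-west-2
INI

SAMPLE_CREDENTIALS = <<~INI
  [admin]
  aws_access_key_id = EXAMPLEADMINKEYID
  aws_secret_access_key = constructed-admin-secret
  [test1]
  aws_access_key_id = EXAMPLETEST1KEYID
  aws_secret_access_key = constructed-test1-secret
INI
```

With the sample files, a mistyped profile name resolves to the admin keys under resolve_lenient and raises KeyError under resolve_strict.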