Uploaded image for project: 'Hue'
  1. Hue
  2. HUE-8780

[fb] S3 iam is not detected on HVM EC2 Instances

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 4.4.0
    • Fix Version/s: None
    • Component/s: app.filebrowser
    • Labels:
      None

      Description

      https://github.com/cloudera/hue/issues/766

       

      On hue 4.3 built from source, deployed to an AWS EC2 HVM based instance, the S3 File Browser remains disabled when allow_environment_credentials=True in the [[aws]][[default]] section of the INI file.

      The specific issue is in:
      desktop/libs/aws/src/aws/conf.py in lines 198-207 ( the has_iam_metadata function ).

      The source checks /sys/hypervisor/uuid for a GUID with a magic value that starting with EC2 to determine that it is a virtualized EC2 instance. This specific condition is not met on HVM based EC2 instances, which have an empty /sys/hypervisor folder.

      Instead, as per the latest documentation at
      https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/identify_ec2_instances.html, you should use the Desktop Management Interface through dmidecode or the files at /sys/devices/virtual/dmi/id/* to identify if the instance is an EC2 instance. Many of the ../dmi/id/ files world readable, and the /sys/devices/virtual/dmi/id/sys_vendor will return "Amazon EC2" and is a reliable device file you can use to determine the VM is an EC2 instance.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              jgauthier Jean Francois Desjeans Gauthier
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: