Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

User Data - add_s3_download_command missing --region so it fails to download in the ISOLATED zone through S3 VPC gateway

See original GitHub issue
asset = Asset(self, "Asset", path=path.join(__dirname, "configure.sh"))
instance = ec2.Instance(self, "Instance", {})
local_path = instance.user_data.add_s3_download_command(
    bucket=asset.bucket,
    bucket_key=asset.s3_object_key
)
instance.user_data.add_execute_file_command(
    file_path=local_path,
    arguments="--verbose -y"
)
asset.grant_read(instance.role)

Above Python code generate User Data

#!/bin/bash
mkdir -p $(dirname '/tmp/assets/fa08d934445838dab921670b0d40be6d9d261063663fbc9cd7cfd7e6691d233d.zip')
aws s3 cp 's3://cdktoolkit-stagingbucket-silds9kng0ra/assets/fa08d934445838dab921670b0d40be6d9d261063663fbc9cd7cfd7e6691d233d.zip' '/tmp/assets/fa08d934445838dab921670b0d40be6d9d261063663fbc9cd7cfd7e6691d233d.zip'

Which is perfectly working in the private zone. But when deploy instance in the ISOLATED zone its fail to download through S3 VPC Gateway. Manually adding --region with aws s3 cp command, then it works.

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Comments:7 (2 by maintainers)

github_iconTop GitHub Comments

1reaction
DharmSonariyacommented, Sep 26, 2021

@DharmSonariya my proposed PR should suffice to fix your issue.

Thank you for your time and effort.

1reaction
ghostcommented, Jul 15, 2021

Any progress ?

Read more comments on GitHub >

github_iconTop Results From Across the Web

Troubleshoot connecting to Amazon S3 from VPC endpoints
You can access Amazon S3 objects using VPC endpoint only when the S3 objects are in the same Region as the Amazon S3...
Read more >
@aws-cdk/aws-ec2 - npm
If region and account are not specified, the stack could be deployed anywhere and it will have to make a safe choice, limiting...
Read more >
AWS Security Best Practices - Awsstatic
You must download and securely store the private key of the. Amazon EC2 key pair. AWS does not store the private key; if...
Read more >
Managing Amazon S3 access with VPC endpoints and S3 ...
Access Points are unique to an account and Region. ... We then create an Amazon S3 VPC Gateway endpoint to make sure that...
Read more >
Top 100+ AWS Interview Questions and Answers for 2023
Utilizing VPC makes it possible (Virtual Private Cloud). 20. Define Amazon EC2 regions and availability zones? Availability zones are ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Unable to call .getStackName on Stack in Java with Node 12.17.0

Next page

Cannot change DynamoDB serverSideEncryption from true to false