Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Have gsutil verify google access key and secret provided to `gsutil config -a`

See original GitHub issue

TLDR it’d be nice if gsutil config -a would verify the google access key and secret before writing them to the .boto file.

gsutil config gave me the following error message even though I had already authenticated using gcloud auth login. (somewhat unrelated, perhaps I should open a separate issue?)

CommandException: OAuth2 is the preferred authentication mechanism with the Cloud SDK. Run "gcloud auth login" to configure authentication, unless you want to authenticate with an HMAC access key and secret, in which case run "gsutil config -a".

Anyway, I was able to work around it with gsutil config -a. I copied and pasted my credentials from the browser and proceeded to configure my .boto file. Then I tried to run some code that made use of gsutil and got some cryptic error messages about authentication. It took me a while to figure it out, but it turns out I accidentally copied a little more than just the google secret key from the browser so there was some garbage at the end of gs_secret_access_key.

Issue Analytics

  • State:closed
  • Created 7 years ago
  • Comments:8 (3 by maintainers)

github_iconTop GitHub Comments

3reactions
ceefourcommented, Aug 4, 2017

At last, it works. Thanks to: https://stackoverflow.com/a/38399516/122441 , if someone gets here because same fate as me, here’s how:

  1. Go to https://console.cloud.google.com/storage/settings > Interoperability and create your HMAC Key. it’s called HMAC, the magic word.
  2. Run gsutil config -a and input thing you get from step 1. All done! 😃

Why these two simple steps are not available in the docs is beyond me …

1reaction
ceefourcommented, Aug 5, 2017

Thanks for the explanation. Honestly it feels like a crash lesson in cryptography.

IMHO the beginner quickstart should just let the developer use HMAC in 2 simple steps (without even downloading gsutil!), but also put “If you want more advanced authentication mechanism, read on…”

Read more comments on GitHub >

github_iconTop Results From Across the Web

config - Obtain credentials and create configuration file
The gsutil config command obtains access credentials for Cloud Storage and writes a boto/gsutil configuration file containing the obtained credentials along ...
Read more >
gsutil config -a. Which key to use?
I'm trying to create .boto file using gsutil and it's asking for "Google access key ID". My goal is to script access to...
Read more >
Google Cloud Storage
To connect your Google Cloud Storage account to Make, you will need to obtain the project's Client ID and Client Secret in the...
Read more >
Configuring Access to Google Cloud Storage
If you already have a service account, you do not need to perform these steps as long as you are able to provide...
Read more >
Google Cloud Storage
properties: blobstore: provider: s3 access_key_id: ACCESS-KEY-ID secret_access_key: SECRET-ACCESS-KEY bucket_name: test-bosh-bucket.
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

gsutil work with explicit directories

Next page

gsutil not using gcloug oauth details