aws-sdk-ruby

S3 with :use_fips_endpoint fails

Open akostadinov opened this issue 2 years ago • 4 comments

Describe the bug

When creating an S3 client with :use_fips_endpoint, I still can't access the bucket.

This is related to #2645

Expected Behavior

Things to work.

Current Behavior

2022-06-21T19:22:02.806Z 1 TID-qov6t WARN: Seahorse::Client::NetworkingError: Failed to open TCP connection to s3-fips.amazonaws.com:443 (getaddrinfo: Name or service not known)
2022-06-21T19:22:02.806Z 1 TID-qov6t WARN: /opt/rh/rh-ruby26/root/usr/share/ruby/net/http.rb:949:in `rescue in block in connect'
/opt/rh/rh-ruby26/root/usr/share/ruby/net/http.rb:946:in `block in connect'
/opt/rh/rh-ruby26/root/usr/share/ruby/timeout.rb:93:in `block in timeout'
/opt/rh/rh-ruby26/root/usr/share/ruby/timeout.rb:103:in `timeout'
/opt/rh/rh-ruby26/root/usr/share/ruby/net/http.rb:945:in `connect'
/opt/rh/rh-ruby26/root/usr/share/ruby/net/http.rb:930:in `do_start'
/opt/rh/rh-ruby26/root/usr/share/ruby/net/http.rb:925:in `start'
/opt/rh/rh-ruby26/root/usr/share/ruby/delegate.rb:83:in `method_missing'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/seahorse/client/net_http/connection_pool.rb:307:in `start_session'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/seahorse/client/net_http/connection_pool.rb:100:in `session_for'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/seahorse/client/net_http/handler.rb:128:in `session'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/seahorse/client/net_http/handler.rb:76:in `transmit'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/seahorse/client/net_http/handler.rb:50:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/seahorse/client/plugins/content_length.rb:24:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/seahorse/client/plugins/request_callback.rb:85:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/plugins/s3_signer.rb:132:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/plugins/s3_signer.rb:63:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/plugins/s3_host_id.rb:17:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/xml/error_handler.rb:10:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/transfer_encoding.rb:26:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/helpful_socket_errors.rb:12:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/plugins/s3_signer.rb:110:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/plugins/redirects.rb:20:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/retry_errors.rb:360:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/retry_errors.rb:394:in `retry_request'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/retry_errors.rb:382:in `retry_if_possible'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/retry_errors.rb:371:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/retry_errors.rb:394:in `retry_request'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/retry_errors.rb:382:in `retry_if_possible'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/retry_errors.rb:371:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/retry_errors.rb:394:in `retry_request'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/retry_errors.rb:382:in `retry_if_possible'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/retry_errors.rb:371:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/plugins/md5s.rb:31:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/http_checksum.rb:19:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/endpoint_pattern.rb:30:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/plugins/accelerate.rb:67:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/checksum_algorithm.rb:136:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/plugins/bucket_dns.rb:35:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/plugins/dualstack.rb:41:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/plugins/iad_regional_endpoint.rb:39:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/plugins/expect_100_continue.rb:22:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/plugins/bucket_name_restrictions.rb:26:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/plugins/arn.rb:62:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/rest/handler.rb:10:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/recursion_detection.rb:18:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/user_agent.rb:13:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/endpoint_discovery.rb:80:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/seahorse/client/plugins/endpoint.rb:47:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/param_validator.rb:26:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/logging.rb:41:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/plugins/arn.rb:88:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/seahorse/client/plugins/raise_response_errors.rb:16:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/plugins/sse_cpk.rb:24:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/plugins/dualstack.rb:27:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/plugins/accelerate.rb:56:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/checksum_algorithm.rb:111:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/jsonvalue_converter.rb:22:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/idempotency_token.rb:19:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/param_converter.rb:26:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/seahorse/client/plugins/request_callback.rb:71:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/aws-sdk-core/plugins/response_paging.rb:12:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/seahorse/client/plugins/response_target.rb:24:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-core-3.131.2/lib/seahorse/client/request.rb:72:in `send_request'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/client.rb:12369:in `put_object'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/file_uploader.rb:64:in `block in put_object'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/file_uploader.rb:53:in `block in open_file'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/file_uploader.rb:53:in `open'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/file_uploader.rb:53:in `open_file'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/file_uploader.rb:63:in `put_object'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/file_uploader.rb:45:in `upload'
/opt/system/vendor/bundle/ruby/2.6.0/gems/aws-sdk-s3-1.114.0/lib/aws-sdk-s3/customizations/object.rb:440:in `upload_file'
/opt/system/vendor/bundle/ruby/2.6.0/gems/paperclip-6.1.0/lib/paperclip/storage/s3.rb:379:in `block in flush_writes'
/opt/system/vendor/bundle/ruby/2.6.0/gems/paperclip-6.1.0/lib/paperclip/storage/s3.rb:352:in `each'
/opt/system/vendor/bundle/ruby/2.6.0/gems/paperclip-6.1.0/lib/paperclip/storage/s3.rb:352:in `flush_writes'
/opt/system/vendor/bundle/ruby/2.6.0/gems/paperclip-6.1.0/lib/paperclip/attachment.rb:246:in `save'
/opt/system/vendor/bundle/ruby/2.6.0/gems/paperclip-6.1.0/lib/paperclip/has_attached_file.rb:92:in `block in add_active_record_callbacks'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activesupport-5.2.8/lib/active_support/callbacks.rb:426:in `instance_exec'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activesupport-5.2.8/lib/active_support/callbacks.rb:426:in `block in make_lambda'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activesupport-5.2.8/lib/active_support/callbacks.rb:236:in `block in halting_and_conditional'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activesupport-5.2.8/lib/active_support/callbacks.rb:517:in `block in invoke_after'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activesupport-5.2.8/lib/active_support/callbacks.rb:517:in `each'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activesupport-5.2.8/lib/active_support/callbacks.rb:517:in `invoke_after'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activesupport-5.2.8/lib/active_support/callbacks.rb:133:in `run_callbacks'
/opt/system/vendor/bundle/ruby/2.6.0/gems/bugsnag-6.11.1/lib/bugsnag/integrations/rails/active_record_rescue.rb:25:in `run_callbacks'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activesupport-5.2.8/lib/active_support/callbacks.rb:816:in `_run_save_callbacks'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.8/lib/active_record/callbacks.rb:342:in `create_or_update'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.8/lib/active_record/persistence.rb:308:in `save!'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.8/lib/active_record/validations.rb:52:in `save!'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.8/lib/active_record/transactions.rb:315:in `block in save!'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.8/lib/active_record/transactions.rb:387:in `block in with_transaction_returning_status'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.8/lib/active_record/connection_adapters/abstract/database_statements.rb:265:in `transaction'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.8/lib/active_record/transactions.rb:212:in `transaction'
/opt/system/lib/deadlock_retry.rb:52:in `transaction'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.8/lib/active_record/transactions.rb:385:in `with_transaction_returning_status'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.8/lib/active_record/transactions.rb:315:in `save!'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.8/lib/active_record/suppressor.rb:48:in `save!'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.8/lib/active_record/associations/collection_association.rb:375:in `insert_record'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.8/lib/active_record/associations/has_many_association.rb:36:in `insert_record'
/opt/system/vendor/bundle/ruby/2.6.0/gems/protected_attributes_continued-1.8.2/lib/active_record/mass_assignment_security/associations.rb:52:in `block (2 levels) in create_record'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.8/lib/active_record/associations/collection_association.rb:458:in `replace_on_target'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.8/lib/active_record/associations/collection_association.rb:283:in `add_to_target'
/opt/system/vendor/bundle/ruby/2.6.0/gems/protected_attributes_continued-1.8.2/lib/active_record/mass_assignment_security/associations.rb:50:in `block in create_record'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.8/lib/active_record/associations/collection_association.rb:135:in `block in transaction'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.8/lib/active_record/connection_adapters/abstract/database_statements.rb:265:in `transaction'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.8/lib/active_record/transactions.rb:212:in `transaction'
/opt/system/lib/deadlock_retry.rb:52:in `transaction'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.8/lib/active_record/associations/collection_association.rb:134:in `transaction'
/opt/system/vendor/bundle/ruby/2.6.0/gems/protected_attributes_continued-1.8.2/lib/active_record/mass_assignment_security/associations.rb:49:in `create_record'
/opt/system/vendor/bundle/ruby/2.6.0/gems/protected_attributes_continued-1.8.2/lib/active_record/mass_assignment_security/associations.rb:38:in `create!'
/opt/system/vendor/bundle/ruby/2.6.0/gems/protected_attributes_continued-1.8.2/lib/active_record/mass_assignment_security/associations.rb:86:in `create!'
/opt/system/app/lib/simple_layout.rb:82:in `block in import_images!'
/opt/system/app/lib/simple_layout.rb:81:in `each'
/opt/system/app/lib/simple_layout.rb:81:in `import_images!'
/opt/system/app/lib/simple_layout.rb:95:in `block in import!'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.8/lib/active_record/connection_adapters/abstract/database_statements.rb:267:in `block in transaction'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.8/lib/active_record/connection_adapters/abstract/transaction.rb:239:in `block in within_new_transaction'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activesupport-5.2.8/lib/active_support/concurrency/load_interlock_aware_monitor.rb:26:in `block (2 levels) in synchronize'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activesupport-5.2.8/lib/active_support/concurrency/load_interlock_aware_monitor.rb:25:in `handle_interrupt'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activesupport-5.2.8/lib/active_support/concurrency/load_interlock_aware_monitor.rb:25:in `block in synchronize'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activesupport-5.2.8/lib/active_support/concurrency/load_interlock_aware_monitor.rb:21:in `handle_interrupt'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activesupport-5.2.8/lib/active_support/concurrency/load_interlock_aware_monitor.rb:21:in `synchronize'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.8/lib/active_record/connection_adapters/abstract/transaction.rb:236:in `within_new_transaction'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.8/lib/active_record/connection_adapters/abstract/database_statements.rb:267:in `transaction'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activerecord-5.2.8/lib/active_record/transactions.rb:212:in `transaction'
/opt/system/lib/deadlock_retry.rb:52:in `transaction'
/opt/system/app/lib/simple_layout.rb:87:in `import!'
/opt/system/app/lib/logic/provider_signup.rb:127:in `import_simple_layout!'
/opt/system/app/workers/signup_worker.rb:45:in `perform'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/processor.rb:192:in `execute_job'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/processor.rb:165:in `block (2 levels) in process'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/middleware/chain.rb:128:in `block in invoke'
/opt/system/lib/three_scale/sidekiq_retry_support.rb:56:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/middleware/chain.rb:130:in `block in invoke'
/opt/system/app/lib/three_scale/analytics/sidekiq_middleware.rb:5:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/middleware/chain.rb:130:in `block in invoke'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-throttled-0.11.0/lib/sidekiq/throttled/middleware.rb:14:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/middleware/chain.rb:130:in `block in invoke'
/opt/system/vendor/bundle/ruby/2.6.0/gems/bugsnag-6.11.1/lib/bugsnag/integrations/sidekiq.rb:24:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/middleware/chain.rb:130:in `block in invoke'
/opt/system/vendor/bundle/ruby/2.6.0/gems/yabeda-sidekiq-0.7.0/lib/yabeda/sidekiq/server_middleware.rb:16:in `block in call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/yabeda-0.8.0/lib/yabeda/dsl/class_methods.rb:69:in `with_tags'
/opt/system/vendor/bundle/ruby/2.6.0/gems/yabeda-sidekiq-0.7.0/lib/yabeda/sidekiq/server_middleware.rb:15:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/middleware/chain.rb:130:in `block in invoke'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-lock-0.4.0/lib/sidekiq/lock/middleware.rb:8:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/middleware/chain.rb:130:in `block in invoke'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-batch-0.1.6/lib/sidekiq/batch/middleware.rb:20:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/middleware/chain.rb:130:in `block in invoke'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/middleware/chain.rb:133:in `invoke'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/processor.rb:164:in `block in process'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/processor.rb:137:in `block (6 levels) in dispatch'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/job_retry.rb:109:in `local'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/processor.rb:136:in `block (5 levels) in dispatch'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/rails.rb:43:in `block in call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activesupport-5.2.8/lib/active_support/execution_wrapper.rb:90:in `wrap'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activesupport-5.2.8/lib/active_support/reloader.rb:73:in `block in wrap'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activesupport-5.2.8/lib/active_support/execution_wrapper.rb:90:in `wrap'
/opt/system/vendor/bundle/ruby/2.6.0/gems/activesupport-5.2.8/lib/active_support/reloader.rb:72:in `wrap'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/rails.rb:42:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/processor.rb:132:in `block (4 levels) in dispatch'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/processor.rb:250:in `stats'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/processor.rb:127:in `block (3 levels) in dispatch'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/job_logger.rb:8:in `call'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/processor.rb:126:in `block (2 levels) in dispatch'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/job_retry.rb:74:in `global'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/processor.rb:125:in `block in dispatch'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/logging.rb:48:in `with_context'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/logging.rb:42:in `with_job_hash_context'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/processor.rb:124:in `dispatch'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/processor.rb:163:in `process'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/processor.rb:83:in `process_one'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/processor.rb:71:in `run'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/util.rb:16:in `watchdog'
/opt/system/vendor/bundle/ruby/2.6.0/gems/sidekiq-5.2.9/lib/sidekiq/util.rb:25:in `block in safe_thread'

Reproduction Steps

client = Aws::S3::Client.new( region: "us-east-1", credentials: Aws::Credentials.new("key", "skey"), use_fips_endpoint: true, force_path_style: false)
resp = client.head_bucket({ bucket: "my-bucket" })

Possible Solution

Probably discovery as described here can help: hashicorp/terraform-provider-aws#14217

Additional Information/Context

No response

Gem name ('aws-sdk', 'aws-sdk-resources' or service gems like 'aws-sdk-s3') and its version

aws-sdk-s3

Environment details (Version of Ruby, OS environment)

Red Hat Enterprise Linux 7, Ruby 2.6.7

akostadinov, Jun 22 '22 13:06

What's the actual bucket name you're using?

The issue here, I believe, is that in the FIPS regions the bucket needs to be the endpoint host prefix, but the URI in your stack trace doesn't have the bucket name. With a DNS-compatible bucket, I see the correct behavior, e.g.:

s3 = Aws::S3::Client.new(use_fips_endpoint: true, http_wire_trace: true)
s3.head_bucket(bucket: 'my-bucket')

# wire trace
# opening connection to my-bucket.s3-fips.us-west-1.amazonaws.com:443...

However, our bucket_dns plugin will check for DNS-compatible bucket names, and only move the bucket name to the endpoint prefix when it is: https://github.com/aws/aws-sdk-ruby/blob/version-3/gems/aws-sdk-s3/lib/aws-sdk-s3/plugins/bucket_dns.rb#L44, e.g.:

s3 = Aws::S3::Client.new(use_fips_endpoint: true, http_wire_trace: true)
s3.head_bucket(bucket: 'my.bucket')

# wire trace
# opening connection to s3-fips.us-west-1.amazonaws.com:443...
[Aws::S3::Client 0 2.200636 3 retries] head_bucket(bucket:"my.bucket") Aws::Errors::NoSuchEndpointError Encountered a `SocketError` while attempting to connect to:

  https://s3-fips.us-west-1.amazonaws.com/my.bucket

alextwoods, Jun 22 '22 15:06

s3_us_east_1_regional_endpoint defaults to legacy. For us-east-1, the legacy url (s3.amazonaws.com) is being used. You'll need to configure s3_us_east_1_regional_endpoint: regional. Also force_path_style defaults to false already.

mullermp, Jun 22 '22 17:06
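
Added example, not part of the thread and not the SDK's own code: a pre-flight check that models the two behaviours described in the replies above (the bucket only becomes a host prefix when it is DNS-compatible, and us-east-1 uses the global host unless s3_us_east_1_regional_endpoint is regional). All method and constant names are hypothetical, and the regional us-east-1 host is assumed to follow the same pattern as the us-west-1 wire trace.

```ruby
# Simplified model of the endpoint selection discussed in this issue.
# It does not load aws-sdk-s3; every name here is hypothetical.

FipsPlan = Struct.new(:host, :path, :addressing, :warnings, keyword_init: true)

# A bucket can be used as a host prefix over HTTPS only if it is a single
# DNS label: 3-63 characters, lowercase letters, digits and hyphens.
# A dotted name would add extra labels in front of the service host.
def dns_compatible_for_tls?(bucket)
  return false unless bucket.is_a?(String) && (3..63).cover?(bucket.length)

  bucket.match?(/\A[a-z0-9][a-z0-9-]*[a-z0-9]\z/)
end

# Predict where a FIPS request would be sent and collect the reasons it
# would fail, based on the behaviour reported in the thread.
def plan_fips_request(bucket:, region:, us_east_1_regional_endpoint: 'legacy')
  warnings = []

  # Legacy mode for us-east-1 selects the global host, which has no FIPS
  # DNS record (see the getaddrinfo error and the NXDOMAIN lookup).
  legacy_global = region == 'us-east-1' && us_east_1_regional_endpoint == 'legacy'
  base = legacy_global ? 's3-fips.amazonaws.com' : "s3-fips.#{region}.amazonaws.com"
  warnings << :global_fips_host_does_not_resolve if legacy_global

  if dns_compatible_for_tls?(bucket)
    FipsPlan.new(host: "#{bucket}.#{base}", path: '/',
                 addressing: :virtual_hosted, warnings: warnings)
  else
    # The bucket stays in the path, which is the case that ended in
    # NoSuchEndpointError for 'my.bucket' above.
    warnings << :bucket_not_dns_compatible
    FipsPlan.new(host: base, path: "/#{bucket}",
                 addressing: :path, warnings: warnings)
  end
end

# True when neither failure condition from the thread applies.
def fips_config_ok?(plan)
  plan.warnings.empty?
end

# Constructed sample configurations (bucket names are placeholders).
SAMPLES = [
  { bucket: 'my-bucket', region: 'us-west-1' },
  { bucket: 'my.bucket', region: 'us-west-1' },
  { bucket: 'my.bucket', region: 'us-east-1' },
  { bucket: 'my-bucket', region: 'us-east-1', us_east_1_regional_endpoint: 'regional' }
].freeze

SAMPLES.each do |cfg|
  plan = plan_fips_request(**cfg)
  status = fips_config_ok?(plan) ? 'ok' : "FAIL #{plan.warnings.inspect}"
  puts "#{cfg.inspect} -> https://#{plan.host}#{plan.path} [#{status}]"
end
```

Running such a check at boot or in CI surfaces a misconfigured FIPS client before the first upload fails inside a background job.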

Later I figured out s3_us_east_1_regional_endpoint, thank you. Perhaps it should default to regional when fips endpoints are used? Because global endpoints don't work anyway:

$ nslookup bucketname.s3-fips.amazonaws.com
Server:		127.0.0.1
Address:	127.0.0.1#53

** server can't find bucketname.s3-fips.amazonaws.com: NXDOMAIN

I think the key for my issue is DNS compatible bucket. Yes - my bucket name has dots. Thank you for pointing this out!

Maybe an error should be thrown when using fips endpoints with a dotted bucket? Or maybe a few notes about using fips endpoints in documentation can help.

Thank you again.

akostadinov, Jun 23 '22 07:06

I wanted to add a note about s3_us_east_1_regional_endpoint and bucket names with dots in the S3::Client documentation but I don't see where it comes from. I think this would help a lot to avoid confusion for any users.

Of course even better is to set this option automatically for fips endpoint.

Also an option to force domain style URLs would be very useful. For people that decide or need to go that route, for example with a custom CA validation.

akostadinov, Jun 23 '22 15:06
