Why does my AWS CLI hang when I try to do any operation in my new Amazon Linux instance? -
i have provisioned new ec2 instance using cloudformation, , have set network acl following rules:
inbound 100 http (80) tcp (6) 80 0.0.0.0/0 allow 102 ssh (22) tcp (6) 22 0.0.0.0/0 allow 104 custom tcp rule tcp (6) 1024-65535 0.0.0.0/0 allow * traffic 0.0.0.0/0 deny outbound 100 http (80) tcp (6) 80 0.0.0.0/0 allow 102 custom tcp rule tcp (6) 1024-65535 0.0.0.0/0 allow * traffic 0.0.0.0/0 deny
i have assigned iam role following policy instance:
{ "version": "2012-10-17", "statement": [ { "sid": "stmt1427889375000", "effect": "allow", "action": [ "s3:*" ], "resource": [ "arn:aws:s3:::my-bucket/*" ] } ] }
when instance starts, can ssh in when run following:
aws s3 ls s3://my-bucket
it hangs. when press ctrl+c
following stack trace:
traceback (most recent call last): file "/usr/bin/aws", line 27, in <module> sys.exit(main()) file "/usr/bin/aws", line 23, in main return awscli.clidriver.main() file "/usr/lib/python2.7/dist-packages/awscli/clidriver.py", line 50, in main return driver.main() file "/usr/lib/python2.7/dist-packages/awscli/clidriver.py", line 197, in main return command_table[parsed_args.command](remaining, parsed_args) file "/usr/lib/python2.7/dist-packages/awscli/customizations/commands.py", line 185, in __call__ parsed_globals) file "/usr/lib/python2.7/dist-packages/awscli/customizations/commands.py", line 182, in __call__ return self._run_main(parsed_args, parsed_globals) file "/usr/lib/python2.7/dist-packages/awscli/customizations/s3/subcommands.py", line 330, in _run_main self._list_all_objects(bucket, key, parsed_args.page_size) file "/usr/lib/python2.7/dist-packages/awscli/customizations/s3/subcommands.py", line 352, in _list_all_objects response_data in iterator: file "/usr/lib/python2.7/dist-packages/botocore/paginate.py", line 70, in __iter__ response = self._make_request(current_kwargs) file "/usr/lib/python2.7/dist-packages/botocore/paginate.py", line 116, in _make_request return self._method(**current_kwargs) file "/usr/lib/python2.7/dist-packages/botocore/client.py", line 187, in _api_call return self._make_api_call(operation_name, kwargs) file "/usr/lib/python2.7/dist-packages/botocore/client.py", line 231, in _make_api_call operation_model, request_dict) file "/usr/lib/python2.7/dist-packages/botocore/endpoint.py", line 173, in make_request return self._send_request(request_dict, operation_model) file "/usr/lib/python2.7/dist-packages/botocore/endpoint.py", line 201, in _send_request request, operation_model, attempts) file "/usr/lib/python2.7/dist-packages/botocore/endpoint.py", line 231, in _get_response proxies=self.proxies, timeout=self.timeout) file "/usr/lib/python2.7/dist-packages/botocore/vendored/requests/sessions.py", line 573, in send r = adapter.send(request, **kwargs) file "/usr/lib/python2.7/dist-packages/botocore/vendored/requests/adapters.py", line 370, in send timeout=timeout file "/usr/lib/python2.7/dist-packages/botocore/vendored/requests/packages/urllib3/connectionpool.py", line 518, in urlopen body=body, headers=headers) file "/usr/lib/python2.7/dist-packages/botocore/vendored/requests/packages/urllib3/connectionpool.py", line 322, in _make_request self._validate_conn(conn) file "/usr/lib/python2.7/dist-packages/botocore/vendored/requests/packages/urllib3/connectionpool.py", line 727, in _validate_conn conn.connect() file "/usr/lib/python2.7/dist-packages/botocore/vendored/requests/packages/urllib3/connection.py", line 204, in connect conn = self._new_conn() file "/usr/lib/python2.7/dist-packages/botocore/vendored/requests/packages/urllib3/connection.py", line 134, in _new_conn (self.host, self.port), self.timeout, **extra_kw) file "/usr/lib/python2.7/dist-packages/botocore/vendored/requests/packages/urllib3/util/connection.py", line 78, in create_connection sock.connect(sa) file "/usr/lib64/python2.7/socket.py", line 224, in meth return getattr(self._sock,name)(*args) keyboardinterrupt
it looks network issue i'm not sure what.
i can access internet instance, confirmed with
[ec2-user@ip-10-1-1-100 aws-bootstrapping]$ curl -i www.google.com http/1.1 302 found location: http://www.google.ie/?gws_rd=cr&ei=-eebvc_ziobm7gaw7yc4bw cache-control: private content-type: text/html; charset=utf-8 set-cookie: pref=id=679f042abd7bfd64:ff=0:tm=1427890681:lm=1427890681:s=cjbdhgcxjhkfnjok; expires=fri, 31-mar-2017 12:18:01 gmt; path=/; domain=.google.com set-cookie: nid=67=kgz3blhr3nu08xwixhqhx4n3hnj1me4txzhe8ogh0h6d1spjwk1vvhi9sopkb_jy9pqaiurvdq1_7pa3wd5typatrwp5dcoccqsinoxt-tbgwo37qcwl7auhznvca0cp; expires=thu, 01-oct-2015 12:18:01 gmt; path=/; domain=.google.com; httponly p3p: cp="this not p3p policy! see http://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 more info." date: wed, 01 apr 2015 12:18:01 gmt server: gws content-length: 258 x-xss-protection: 1; mode=block x-frame-options: sameorigin alternate-protocol: 80:quic,p=0.5
it looks don't allow ssl (443) traffic out. default aws cli connects aws services via ssl endpoints.
Comments
Post a Comment