Add Advanced Settings to S3 Cloud Credentials in new UI
We have configured a S3 cloud credentials with the endpoint URL
Trying to create a cloud sync task you get the error message:
Error: 14 [EFAULT] 2019/01/18 16:46:14 ERROR : : error listing: AuthorizationHeaderMalformed: The authorization header is malformed; the region 'us-east-1' is wrong; expecting 'eu-central-1' status code: 400, request id: 694FE4F3592EB6F4, host id: BxgNszJ9akb46DBWcG91WQfAvcyNy0nNqjMnbGmzlZt...
When using s3fs on the console i can mount a s3 bucket wihtout a problem:
s3fs [mybucket] /mnt/buck2/ -o dbglevel=info -o curldbg -f
Debug output shows, s3fs also gets a 400 Bad Request "The authorization header is malformed; the region 'us-east-1' is wrong; expecting 'eu-central-1'". But afterwards it changes the URL:
[INF] curl.cpp:prepare_url(4253): URL is https://s3-eu-central-1.amazonaws.com/[mybucket]/ [INF] curl.cpp:prepare_url(4285): URL changed is https://[mybucket].s3-eu-central-1.amazonaws.com/ [INF] curl.cpp:insertV4Headers(2400): computing signature [GET] [/]   [INF] curl.cpp:url_to_host(101): url is https://s3-eu-central-1.amazonaws.com
Alternatively, when using
-o endpoint=eu-central-1it is possible to choose the correct region first place.
#4 Updated by Vladimir Vinogradenko almost 3 years ago
- Status changed from Unscreened to Blocked
- Needs Doc changed from Yes to No
You don't have to set any endpoint URL, FreeNAS will get region automatically using https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETlocation.html
Please clear "Endpoint URL" field and also uncheck any other checkboxes on the AWS credentials page and try again.
#6 Updated by IT IGP almost 3 years ago
- File Screenshot_17.png Screenshot_17.png added
- File Screenshot_18.png Screenshot_18.png added
- Private changed from No to Yes
i see. leaving it blank solved the issue. maybe you could add
"using AWS leave this field empty - the available buckets are fetched dynamically and presented to you for selection during creation of a cloud sync task" to the tooltip / documentation. especially given the links to amazon docs how this endpoint should be formatted, this is quite confusing :/
maybe also add a checkbox to allow for non-amazon usecase and have the endpoint by default disabled?
also, if you just add the bucket name as endpoint, the error message is also quite confusing after some long timeout ;)
#7 Updated by Vladimir Vinogradenko almost 3 years ago
- Status changed from Blocked to Unscreened
- Assignee changed from Vladimir Vinogradenko to Lola Yang
- Reason for Blocked deleted (
Need additional information from Author)
- Needs Doc changed from No to Yes
Lola, please hide all S3 credential fields except "Access Key ID" and "Secret Access Key" under "additional settings" spoiler or something like that.
Also please work with docs team on proposed tooltip and/or documentation changes.
#19 Updated by Dru Lavigne over 2 years ago
- Status changed from Passed Testing to Done