You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I deploy the teleport in a VM in AliCloud, and try to use AWS S3 as the sessions store,
I write the as/sk in /etc/default/teleport, and .aws/credentials and .aws/config
The IAM policy is correct,
but when teleport start, there is a log like this:
2025-02-25T20:42:03.282+08:00 ERRO [S3] Failed to ensure that S3 bucket exists. This is expected if External Audit Storage is enabled or if Teleport has write-only access to the bucket, otherwise S3 session uploads may fail. bucket:records-prod error:[operation error S3: HeadBucket, get identity: get credentials: failed to refresh cached credentials, no EC2 IMDS role found, operation error ec2imds: GetMetadata, canceled, context deadline exceeded] s3sessions/s3handler.go:457
and when it tried to upload log comes like this:
2025-02-25T19:42:38.660+08:00 WARN [AUTH:COMP] Failed to check uploads. error:[
ERROR REPORT:
Original Error: *smithy.OperationError operation error S3: ListMultipartUploads, get identity: get credentials: failed to refresh cached credentials, no EC2 IMDS role found, operation error ec2imds: GetMetadata, canceled, context deadline exceeded
Stack Trace:
github.com/gravitational/teleport/lib/events/complete.go:217 github.com/gravitational/teleport/lib/events.(*UploadCompleter).CheckUploads
github.com/gravitational/teleport/lib/events/complete.go:206 github.com/gravitational/teleport/lib/events.(*UploadCompleter).PerformPeriodicCheck
github.com/gravitational/teleport/lib/events/complete.go:170 github.com/gravitational/teleport/lib/events.(*UploadCompleter).Serve
runtime/asm_amd64.s:1700 runtime.goexit
User Message: operation error S3: ListMultipartUploads, get identity: get credentials: failed to refresh cached credentials, no EC2 IMDS role found, operation error ec2imds: GetMetadata, canceled, context deadline exceeded] events/complete.go:209
2025-02-25T19:45:12.537+08:00 ERRO [AUTH:GRPC] Failed to create audit stream: "CreateMultiPartUpload session(5318d02d-36a1-4338-a1f1-9552f388c0dc)\n\toperation error S3: CreateMultipartUpload, get identity: get credentials: request canceled, context canceled". auth/grpcserver.go:358
This discussion was converted from issue #52463 on February 25, 2025 14:05.
Heading
Bold
Italic
Quote
Code
Link
Numbered list
Unordered list
Task list
Attach files
Mention
Reference
Menu
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Expected behavior:
sessions can be uploaded to s3
Current behavior:
the session can't uploaded
Bug details:
I write the as/sk in /etc/default/teleport, and .aws/credentials and .aws/config
The IAM policy is correct,
but when teleport start, there is a log like this:
and when it tried to upload log comes like this:
my config is like this:
Beta Was this translation helpful? Give feedback.
All reactions