hi,
i have a problem configuring the s3 backend, and not sure what is wrong. I get the follow error no matter how i structure the config item for “audit_sessions_uri”. have tried with different bucket names with a simple name such as “teleportevents” or a fqdn bucket name.
INFO [S3] Setting up bucket “teleportevents”, sessions path “” in region “us-east-1”. s3sessions/s3handler.go:93
ERROR REPORT:
Original Error: *trace.BadParameterError NoCredentialProviders: no valid providers in chain. Deprecated.
For verbose messaging see aws.Config.CredentialsChainVerboseErrors
Stack Trace:
/gopath/src/github.com/gravitational/teleport/lib/events/s3sessions/s3handler.go:303 github.com/gravitational/teleport/lib/events/s3sessions.ConvertS3Error
User Message: NoCredentialProviders: no valid providers in chain. Deprecated.
For verbose messaging see aws.Config.CredentialsChainVerboseErrors, initialization failed
i can’t post the full stace trace because i’m a new user, and am limited to two links in a post.
my config -
teleport:
storage:
region: us-east-1
access_key: key
secret_key: secret
audit_sessions_uri: s3://teleportevents
my iam user currently has the aws default policy “AmazonS3FullAccess” for troubleshooting. didn’t work when i had a more restrictive policy with only get/put to the specific bucket.
i can get/put items to the s3 bucket using the access key with awscli.
if i change my storage type to dynamodb, teleport does create the table, so my access key should be good.
teleport starts up correctly if i use local storage only.
running teleport v4.0.9, ubuntu 18.04 ec2 instances.
Thoughts on what i’m doing wrong?
Thanks