aws: I'm not able to download to windows instance using aws_s3_file

I’m not able to download to windows ec2 instance following installer from s3, can anyone please help me.

Cookbook version 8.0.3

Chef-client version [13.0]

‘windows’, ‘~> 4.2.5’ ‘java_se’, ‘~> 11.0’

configure.rb

installation_media_folder = 'C:/InstallationMedia'
directory installation_media_folder do
  rights :full_control, 'Administrator'
  action :create
end

files_to_copy = ['TableauServer-64bit.exe', 'TableauServerWorker-64bit.exe']

files_to_copy.each do |installer|
  aws_s3_file "#{installation_media_folder}/#{installer}" do
    bucket 'test-DEV'
    remote_path "tableau/10.5.3/#{installer}"
    region 'us-east-1'
    action :create
  end
end

Actual Result:

17:51:53 * directory[C:/InstallationMedia] action create
17:51:53 - create new directory C:/InstallationMedia
17:51:53 - change dacl
17:51:53 * aws_s3_file[C:/InstallationMedia/TableauServer-64bit.exe] action create
17:51:53 * remote_file[C:/InstallationMedia/TableauServer-64bit.exe] action create
17:51:53  
17:51:53  
17:51:53 ================================================================================
17:51:53 Error executing action `create` on resource 'remote_file[C:/InstallationMedia/TableauServer-64bit.exe]'
17:51:53 ================================================================================
17:51:53  
17:51:53 Net::HTTPServerException
17:51:53 ------------------------
17:51:53 403 "Forbidden"
17:51:53  
17:51:53 Resource Declaration:
17:51:53 ---------------------
17:51:53 # In C:/Users/ADMINI~1/AppData/Local/Temp/kitchen/cache/cookbooks/aws/resources/s3_file.rb
17:51:53  
17:51:53 149: remote_file new_resource.name do
17:51:53 150: path new_resource.path
17:51:53 151: source s3_url
17:51:53 152: owner new_resource.owner if new_resource.owner
17:51:53 153: group new_resource.group if new_resource.group
17:51:53 154: mode new_resource.mode if new_resource.mode
17:51:53 155: checksum new_resource.checksum if new_resource.checksum
17:51:53 156: backup new_resource.backup
17:51:53 157: headers new_resource.headers if new_resource.headers
17:51:53 158: use_etag new_resource.use_etag
17:51:53 159: use_last_modified new_resource.use_last_modified
17:51:54 160: atomic_update new_resource.atomic_update
17:51:54 161: force_unlink new_resource.force_unlink
17:51:54 162: manage_symlink_source new_resource.manage_symlink_source
17:51:54 163: sensitive new_resource.sensitive
17:51:54 164: retries new_resource.retries
17:51:54 165: retry_delay new_resource.retry_delay
17:51:54 166: if node['platform_family'] == 'windows'
17:51:54 167: inherits new_resource.inherits
17:51:54 168: rights new_resource.rights
17:51:54 169: end
17:51:54 170: action resource_action
17:51:54  
17:51:54 Compiled Resource:
17:51:54 ------------------
17:51:54 # Declared in C:/Users/ADMINI~1/AppData/Local/Temp/kitchen/cache/cookbooks/aws/resources/s3_file.rb:149:in `do_s3_file'
17:51:54  
17:51:54 remote_file("C:/InstallationMedia/TableauServer-64bit.exe") do
17:51:54 provider Chef::Provider::RemoteFile
17:51:54 action [:create]
17:51:54 default_guard_interpreter :default
17:51:54 source ["https://s3.amazonaws.com/test-DEV/tableau/10.5.3/TableauServer-64bit.exe?Signature=xxxxxxxxxxxxxxxx"]
17:51:54 use_etag true
17:51:54 use_last_modified true
17:51:54 cookbook_name "image-win-tableau-master"
17:51:54 checksum nil
17:51:54 backup 5
17:51:54 path "C:/InstallationMedia/TableauServer-64bit.exe"
17:51:54 verifications []
17:51:54 rights nil
17:51:54 deny_rights nil
17:51:54 inherits true
17:51:54 declared_type :remote_file
17:51:54 atomic_update true
17:51:54 retries 0
17:51:54 retry_delay 2
17:51:54 not_if { #code block }
17:51:54 end
17:51:54  
17:51:54 System Info:
17:51:54 ------------
17:51:54 chef_version=13.0.118
17:51:54 platform=windows
17:51:54 platform_version=6.3.9600
17:51:54 ruby=ruby 2.4.1p111 (2017-03-22 revision 58053) [x64-mingw32]
17:51:54 program_name=C:/opscode/chef/bin/chef-solo
17:51:54 executable=C:/opscode/chef/bin/chef-solo
17:51:54  
17:51:54  
17:51:54 ================================================================================
17:51:54 Error executing action `create` on resource 'aws_s3_file[C:/InstallationMedia/TableauServer-64bit.exe]'
17:51:54 ================================================================================
17:51:54  
17:51:54 Net::HTTPServerException
17:51:54 ------------------------
17:51:54 remote_file[C:/InstallationMedia/TableauServer-64bit.exe] (C:/Users/ADMINI~1/AppData/Local/Temp/kitchen/cache/cookbooks/aws/resources/s3_file.rb line 149) had an error: Net::HTTPServerException: 403 "Forbidden"
17:51:54  
17:51:54 Resource Declaration:
17:51:54 ---------------------

About this issue

  • Original URL
  • State: closed
  • Created 5 years ago
  • Comments: 16 (8 by maintainers)

Most upvoted comments

Thank you Ben.

Pointing me to where the chop function was being called, helped point us to the right direction. We are now able to download the file from S3 using the latest version of the AWS cookbook.

The reason for it coming back nil is because at times, for 5th generation Windows servers (m5 EC2s), the metadata endpoint has been unreachable. This would also cause ohai to fail. As a workaround, I had to write a PowerShell script to reroute some net paths in the system route table.

We will be filing a bug report with AWS once I am able to replicate this issue a bit further to confirm that it is M5’s.

+1
christopherlazarumg on May 2, 2020
Read more comments on GitHub
← apache2: Infinite loop from apache2_mod_auth_cas and apache2_module 'auth_cas' resources
aws: Parameter Store get parameters by path -- undefined method `return_keys' →