Packer: Error When Building an AWS AMI with Packer in an AWS-CLI configured Environment
Attempting to create an AWS AMI in RHEL 7 when AWS ACCESS KEY and AWS SECRET ACCESS KEY is read from environment variable leads to the following error:
--> amazon-ebs: Error querying AMI: RequestError: send request failed
caused by: Post https://ec2.us-east-1.amazonaws.com/: net/http: invalid header field value "AWS4-HMAC-SHA256 Credential=XXXXXXXXXXXXXXXXXXXX\r/YYYMMDD/us-east-1/ec2/aws4_request, SignedHeaders=content-length;content-type;host;x-amz-date, Signature=XXXXXXXXXXXXXXXXXXXXXXXXX" for key Authorization
Looks like the issue is related to the "r" inserted after the access ID in AWS signature.
- Packer version: 0.12.3
- Host platform: Red Hat Enterprise Linux Server Release 7.3 (Maipo)
- https://gist.github.com/saedalav/83c95ab3036e4f730553ac3c15745acd
saedalavinia
All 6 comments
Make sure there's no \r in the environment.
Can you tell me the output of echo $AWS_ACCESS_KEY_ID | grep -q "\r"; echo $? is?
mwhooker
on 3 Apr 2017
To my understanding, there is no r in the environment.
$? returns a non-zero (1).
Besides env vars, I also checked into .aws/credentials and that also contains no r
saedalavinia
on 3 Apr 2017
hmm, I would still investigate the data. My next debugging step might be to run env -i AWS_ACCESS_KEY_ID=... AWS_SECRET_ACCESS_KEY=... packer build config.json.
I would also rename ~/.aws if you have anything there, just to make sure the config only comes from the environment
mwhooker
on 3 Apr 2017
running the command with env -i worked just fine which means packer was able to read from .aws/credentials just fine.
I then ran "env > env.txt ; vim env.txt" and noticed the following:
AWS_ACCESS_KEY_ID = XXXXXXXXXXX^M
AWS_SECRET_ACCESS_KEY = XXXXXXXXXX^M
Not sure where those came from and they weren't obviously showing up with cat and env variables.
Thanks!
saedalavinia
on 3 Apr 2017
For anyone else who comes across this, I solved this problem by removing all files from ~/.aws/cli/cache.
mdinos
on 29 Nov 2018
I'm going to lock this issue because it has been closed for _30 days_ โณ. This helps our maintainers find and focus on the active issues.
If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.
![hashibot[bot] picture](https://avatars2.githubusercontent.com/in/8332?v=4&s=40)
hashibot[bot]
on 30 Mar 2020
Related issues
mushon4
ยท
3Comments
russmac
ยท
3Comments
shashanksinha89
ยท
3Comments
paulcdejean
ยท
3Comments
brettswift
ยท
3Comments
Most helpful comment
Make sure there's no
\rin the environment.Can you tell me the output of
echo $AWS_ACCESS_KEY_ID | grep -q "\r"; echo $?is?