Comments (11)
Hello @sanjeevim,
You can specify a KMS alias as input of the state machine (alias/aws/KMS is only used as default value).
The error message you got here explained that the snapshot operation execution time exceeded the value of the Boto3's waiter.
Can you tell me please how many volumes that you tried to encrypt and, most important, the size of these volumes ?
Regards,
from ec2cryptomatic-serverless.
Hello Julien,
I have windows machine and there are two volumes are associated and their size is 30gb each.
My CM KMS input as “alias/test123”.
Is this the right input format for Cm KMS or something else?
Thanks,
Sanjeevi
from ec2cryptomatic-serverless.
Hello again,
This CMK alias seems to be good, I think you can use it.
I have pushed few seconds ago a beta version that support a higher wait time for snapshot operations (with a maximum limit at 15 minutes per snapshots operation).
If you want you can test this version by using this bellow link:
https://github.com/jbrt/ec2cryptomatic-serverless/tree/1.1.1-beta
Regards,
Julien
from ec2cryptomatic-serverless.
Thank you Julien.
I will pull the latest and revert back to you.
You are the best.
I have enhanced tags creation during copy snapshot and volume creation from encrypted snapshots as well.
Thanks.
from ec2cryptomatic-serverless.
You're welcome, fell free to create a pull request if you want.
Please note that this version of the code could may fail to encrypt very big volumes (if the encrypting time takes longer than 15 minutes, the lambda will exit). When I'll have more time I'll change the structure of the state machine by adding SQS queues for handling a longer execution time.
Regards
from ec2cryptomatic-serverless.
Yeah sure.
I’ll create a PR and will inform you to approve and merge.
from ec2cryptomatic-serverless.
Hello @sanjeevim,
Thank you for your PR request. I've merged it few second ago.
In the meanwhile, did you tried this beta version ? If yes, can you tell me if this version has solved your problem ?
Regards,
Julien
from ec2cryptomatic-serverless.
from ec2cryptomatic-serverless.
Hello Julien,
I hope you are doing well today!
The default "/aws/ebs/kms" is working without any issues but, while going with customer managed key I am getting the below error. Requesting you to share your inputs on this.
Getting error like unable to find the "KMS Key".
I have windows machine and the volumes size is 8gb.
User Input to the step function:
{
"region": "us-east-1",
"instance_id": ["i-xyz12456b13"],
"kms_key": "alias/DND-KEY-MINE",
"delete_source": true
}
Error:
Waiter SnapshotCompleted failed: The snapshot 'snap-0037439nfkdln' does not exist.: WaiterError Traceback (most recent call last): File "/var/task/ebs_encrypt_snapshot.py", line 20, in lambda_handler kms_key=kms_key).start()}} File "/opt/python/aws_library/ebs_encrypt_snapshot.py", line 51, in start self._wait_snapshot.wait(SnapshotIds=[snap_id['SnapshotId']]) File "/var/runtime/botocore/waiter.py", line 53, in wait Waiter.wait(self, **kwargs) File "/var/runtime/botocore/waiter.py", line 313, in wait last_response=response botocore.exceptions.WaiterError: Waiter SnapshotCompleted failed: The snapshot 'snap-0037439nfkdln' does not exist.
-- | --
from ec2cryptomatic-serverless.
Julien,
This is fixed. I found that KMS policy doesn't have enough privilege.
from ec2cryptomatic-serverless.
Hello @sanjeevim
I'm so sorry, I've missed your previous message so that's why I only respond now :(
So, everything is fine on your side ? If yes it's great !
If everything is fine for you I'll merge this version onto master. I just wait for your confirmation.
Have a nice day !
from ec2cryptomatic-serverless.
Related Issues (2)
- terraform init issue HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ec2cryptomatic-serverless.