Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

Failing in KMS handshake

0

Successfully I ran execute-cmd via aws command on Fargate task instance. But my teammates are running into this error message.

Encountered error while initiating handshake. KMSEncryption failed on client with status 2 error: Failed to process action KMSEncryption: error while creating new KMS service, Error creating new aws sdk session LoadClientTLSCertError: client TLS cert(true) and key(false) must both be provided

Argomenti
ServerlessContainer
Tag
AWS Fargate
Lingua
English
AWS-User-2172324
posta 2 anni fa1289 visualizzazioni
1 Risposta
0

Hi, this issue seems more of KMS key validity issue or permissions. could please refer the documentation[1] and validate the configuration.

Data channel encryption : The communication between your client and the container to which you are connecting is encrypted by default using TLS1.2. It is, however, possible to use your own AWS Key Management Service (KMS) keys to encrypt this data channel. The ECS cluster configuration override supports configuring a customer key as an optional parameter. When specified, the encryption is done using the specified key. Ultimately, ECS Exec leverages the core SSM capabilities described in the SSM documentation.

[1] https://aws.amazon.com/blogs/containers/new-using-amazon-ecs-exec-access-your-containers-fargate-ec2/

AWS
TECNICO DI SUPPORTO
Kiran_K
con risposta 2 anni fa

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente