With OVFtool I am trying to upload template to vcenter with s3 presigned url as source locator, but getting error
./ovftool --allowAllExtraConfig --noSSLVerify --network="core" --name=centos-Minimal --vmFolder=Testing/temp --datastore='WorkloadDatastore' 'https://xxxxx-bucket-sync.s3.us-xxxx-1.amazonaws.com/xxxx-m-h14-xxxx.ova?X-Amz-Algorithm=AWS4-HMAC-S...' 'vi://zzzzzzzzzzz:xxxxxxxxxx!@vcenter-0-0-0-00.vmwarevmc.com:443/Datacenter/host/Cluster-1/'
Error :-
Error: Unable to access URL [https://xxxxxx-bucket-sync.s3.us-xxxxx-1.amazonaws.com/xxxxx-m-h14-xxxxx.ova] (response code: 403), please check the requested URL
Completed with errors
I need to upload the template through s3 link with secure way.
Hi.
Are you sure you haven't set a password for the Bucket?
Not sure if this will work with S3.
protocol://username:password@host:port/<path to OVF package>
What version of the OVFtool are you using?
The 4.4.0 release notes have a known issue:
OVF Tool drops URL query parameters (after question mark), including authentication tokens. This functionality is required for VMC on AWS pre-signed URLs, and possibly for other public clouds. The workaround is to download the specified file to a local drive and then point OVF Tool at the local file.
We would also like to use a presigned URL to directly import an OVA from a source s3 bucket. We want to avoid the additional I/O overhead of need to make and manage a copy of the file.
Can anybody confirm if this has been fixed in subsequent versions of OVFtool like 4.5 and 4.6? It is no longer listed as a known issue and so far I haven't been able to find any release notes that indicate it has been fix.
FWiW - I tried a presigned URL in the vcenter UI (v7) to "Deploy OVF Template". When I entered a presigned URL in the "Select an OVF template" window and press next it displays in red "URL is not well formed or unsupported"
When I removed the query parameters the error went away. (of course the import failed with a 403).
Maybe this is more than just an OVFtool issue?