https://prefect.io logo
Join Slack
Powered by
Hello, I have an agent set up on ECS. Before the h...
# ask-community
a
Hello, I have an agent set up on ECS. Before the holidays, it was working. I took down the service over the holidays since we're still in testing mode. I just created the service again and the task failed. It says 'httpx.HTTPStatus*Error*: Client error '401 Unauthorized' for url 'https://api.prefect.cloud/api/accounts/9fa02386-8bdd-4319-8000-fc4fa159acd7/workspaces/80e576e4-51f4-4634-a38a-beaa75bac5b9/flow_runs/filter'
1
Also when I try to just run a flow locally, it says Client error '401 Unauthorized' for url 'https://api.prefect.cloud/api/accounts/9fa02386-8bdd-4319-8000-fc4fa159acd7/workspaces/80e576e4-51f4-4634-a38a-beaa75bac5b9/health'
c
did your API key change?
a 401 is explicitly you are not allowed
a
The API key has not change that I know. In the logs it shows the agent started, it just failed with the error at the step of check for flow runs. Also, the API key wouldn't affect the local run right? Seems strange that both are getting the 401 error.
c
if your local run is still configured with a cloud based API url, absolutely
it’s still trying to reach out to the API
trying to reproduce for you, without specifying anything in the headers, I get a 403, testing to put a bad api key in now
You can try this:
Copy code
curl -v -H 'Authorization: Bearer <replace with your api key>' <https://api.prefect.cloud/api/accounts/9fa02386-8bdd-4319-8000-fc4fa159acd7/workspaces/80e576e4-51f4-4634-a38a-beaa75bac5b9/health>
With a good API key, I get back:
Copy code
HTTP/2 200
date: Thu, 12 Jan 2023 18:46:52 GMT
server: istio-envoy
content-length: 4
content-type: application/json
x-envoy-upstream-service-time: 12
via: 1.1 google
content-security-policy: default-src 'none'; object-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-permitted-cross-domain-policies: none
referrer-policy: same-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

true%
With a bad api key:
Copy code
HTTP/2 401
date: Thu, 12 Jan 2023 18:48:04 GMT
server: istio-envoy
x-deny: ext-authz
content-length: 47
content-type: application/json
x-envoy-upstream-service-time: 12
via: 1.1 google
content-security-policy: default-src 'none'; object-src 'none'
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-permitted-cross-domain-policies: none
referrer-policy: same-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

{"detail":"Invalid authentication credentials"}%
a
Thanks for your help. The API key for the agent was expired so I updated and it's working. I'm not sure what was going on locally but I just reauthenicated my local profile and now that works as well.
🙌 1
Open in Slack
PreviousNext
Powered by