Intro
This KB is explaining reason of backup api not working as expected when aws_session_token is used for AWS API authentication
Problem description
Requests to API endpoint returns http code 502 and ptfe_backup_restore docker container logs have messages as like
[INFO] performing s3 prefix detection
NoCredentialProviders: no valid providers in chain. Deprecated.
For verbose messaging see aws.Config.CredentialsChainVerboseErrors
This confusing error message indicates that Terraform Enterprise can't reach AWS S3 for performing backup when S3 instance profile based access is configured in Terraform Enterprise and aws_session_token present in the AWS S3 credentials.
The aws-sdk-go version used in the Terraform Enterprise doesn't work as expected when aws_session_token is set and S3 Instance profile is enabled.
Solution
To workaround the issue configure Terraform Enterprise to have S3 access without using Instance profile or use aws_access_key_id / aws_secret_access_key only based authentication.