Matthew Patton

> The file is still present in the cache of the other node. S3fs is not a multi-node cache-coherent filesystem. S3fs also doesn't detect edits done to the S3 bucket...

With AWS Professional Services incessantly pushing MFA and heavy use of account separation and assume-role and friends, the least the tools team could do is keep up, eh?

this is a common IAM template fragment that the lack of support means things get annoying, fast. A more complete [example](https://gist.github.com/tb3088/83b3f8761456ace5ee3761cd613acd6b). ``` { "Sid": "BlockMostAccessUnlessSignedInWithMFA", "Effect": "Deny", "NotAction": [ "iam:GetAccountSummary",...

I do all that - look at cache, etc. in my scripts. The point is there should NOT be an assume-role required for MFA to be invoked. It's a bogus...

https://github.com/tb3088/zabbix/commit/c1ebc97b5a51418b45fd793d6f5fdfe3ff8f7c29

full disclosure, I've spent scant time looking at the codebase. That said I noted that there appears to be NO use of flock(), ranged or otherwise either when invoking disk_file.go::WriteAt()...

I found the call to fs.sync() but yeesh, the code doesn't actually handle errors on close() and just blindly obliterates the file handle? How can that possibly be a valid...

> This is actually part of the new self-resilient format implemented in the SeaweedFS Enterprise version. I didn't realize that was even a thing. Maybe a 1-liner in the github...

The previous is mine. It is **unconscionable** that 4 years in and the team has yet to squash ALL of their published object types. You (AWS) hire summer interns by...

Is this a case of "you're holding it wrong"? You should be using an IAM role and the role perms should be written to allow scribble to the state bucket...