Menu
I am trying to setup AWS CLI tools and was following instructions at http://docs.aws.amazon.com/AWSEC2/latest/CommandLineReference/set-up-ec2-cli-linux.html#setting_up_ec2_command_linux
However, after following all the steps and setting up my AWS_ACCESS_KEY and AWS_SECRET_KEY, I get
$ ec2-describe-regions Client.UnauthorizedOperation: You are not authorized to perform this operation. (Service: AmazonEC2; Status Code: 403; Error Code: UnauthorizedOperation; Request ID: 55f02cc4-2e9f-4a0a-8b55-46bcc1973f50) I then tried regenerating new credentials, but still getting the same error. I couldn't seem to find information about anyone else having this issue. I tried passing the keys using -O and -W, but that doesn't work either.
Any idea what I might be doing wrong?
315
If the aws command cannot be found after first installing or updating the AWS CLI, you might need to restart your terminal for it to recognize any PATH updates. If the aws command cannot be found after first installing or updating the AWS CLI, it might not have been fully installed.
Use the describe-configuration-recorder-status command to check that the AWS Config has started recording the configurations of the supported AWS resources existing in your account. The recorded configurations are delivered to the specified delivery channel.
However, if you would like to configure the AWS cli without using the Access/Secret Keys. Follow the below steps. Open the IAM console at https://console.aws.amazon.com/iam/. In the navigation pane, choose Roles, Create role.
I am on free tier and found it easier to grant administrator policy to single user, which supports access from all of the amazon command line tools. you can downgrade the policy at a later time if you feel the policy is too lenient.
policies in left hand menu
Assuming you have set up your access keys, you should now have full command line access for given user.
› ec2-describe-regions Client.UnauthorizedOperation: You are not authorized to perform this operation. (Service: AmazonEC2; Status Code: 403; Error Code: UnauthorizedOperation; Request ID: 3398ed18-1caf-4c04-865b-a54f796c653c) › ec2-describe-regions REGION eu-central-1 ec2.eu-central-1.amazonaws.com REGION sa-east-1 ec2.sa-east-1.amazonaws.com REGION ap-northeast-1 ec2.ap-northeast-1.amazonaws.com REGION eu-west-1 ec2.eu-west-1.amazonaws.com REGION us-east-1 ec2.us-east-1.amazonaws.com REGION us-west-1 ec2.us-west-1.amazonaws.com REGION us-west-2 ec2.us-west-2.amazonaws.com REGION ap-southeast-2 ec2.ap-southeast-2.amazonaws.com REGION ap-southeast-1 ec2.ap-southeast-1.amazonaws.com amazons UX takes some time before you get used to it
154
It is very unfortunate that the basic guide on using EC2 CLI tools doesn't even mention this, but looks like my issue was that I didn't have the correct policy setup under my IAM account.
{ "Version": "2012-10-17", "Statement": [{ "Effect": "Allow", "Action": "ec2:Describe*", "Resource": "*" }] } See this link for more details: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ExamplePolicies_EC2.html
27
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With