I am using AWS CLI on Ubuntu 16.04 LTS, I am trying to list all buckets. In aws configure I have input the IAM user access key and IAM user secret key. This IAM user has permissions to list buckets and can list buckets in the console. But using AWS CLI with these keys and running the command aws s3 ls, it is giving me this error:
A client error (SignatureDoesNotMatch) occurred when calling the ListBuckets operation: The request signature we calculated does not match the signature you provided. Check your key and signing method.
I have created a policy to list buckets for this particular IAM user also.
I want to perform further sync operations and make all files public operations via a shell script using this IAM user credentials and do not want to use root credentials.
Use the describe-configuration-recorder-status command to check that the AWS Config has started recording the configurations of the supported AWS resources existing in your account. The recorded configurations are delivered to the specified delivery channel.
If the aws command cannot be found after first installing or updating the AWS CLI, you might need to restart your terminal for it to recognize any PATH updates. If the aws command cannot be found after first installing or updating the AWS CLI, it might not have been fully installed.
To remove a setting, use an empty string as the value, or manually delete the setting in your config and credentials files in a text editor. You can retrieve any credentials or configuration settings you've set using aws configure get.
There are 3 main reasons the SignatureDoesNotMatch error occurs in AWS CLI:
- Your auto-generated secret access key contains special characters (e.g. %, /, or + characters) that cause the error; try to create a new key pair.
- You are in a virtual machine and there is a discrepancy between the host's OS time and the guest's OS time.
Run the list-buckets AWS Command Line Interface (AWS CLI) command to get the Amazon S3 canonical ID for your account: Note: If you receive errors when running AWS CLI commands, make sure that you’re using the most recent version of the AWS CLI. 2.
The following command uses the list-buckets command to display the names of all your Amazon S3 buckets (across all regions):
aws s3api list-buckets --query "Buckets[].Name"
The query option filters the output of list-buckets down to only the bucket names.
Note: You can also use the AWSSupport-TroubleshootS3PublicRead automation document on AWS Systems Manager. This automation document helps you diagnose issues reading objects from a public S3 bucket that you specify. By default, an S3 object is owned by the AWS account that uploaded it.
Found my issue. I had old AWS keys in my environment variables. If you have environment variables named
AWS_SECRET_ACCESS_KEY
AWS_ACCESS_KEY_ID
the awscli will use those values instead of what is provided via ~/.aws/credentials.
Try running printenv | grep AWS
and verify that those values aren't set. If so then just run a
unset AWS_SECRET_ACCESS_KEY
unset AWS_ACCESS_KEY_ID
and you should be good to go.
In my case, this was due to incorrect aws_secret_access_key.
To check, open the file ~/.aws/credentials by typing:
cat ~/.aws/credentials
The content should be something like below:
[default]
aws_access_key_id = xxx
aws_secret_access_key = xx
See if the aws_access_key_id & aws_secret_access_key match your credentials. If they don't, edit and save changes.
P.S.: If you don't remember your aws_secret_access_key, generate a new key and secret by going to aws console --> your name --> My Security Credentials.
Then click 'Create access key':
Take note that you can only have two access keys at a time.
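A small check covering both causes described in the answers above (stale keys in environment variables, and a wrong entry in ~/.aws/credentials), as an added example that is not part of the original posts. The function names and verdict words are this example's own, and it never prints a secret value.

```shell
#!/bin/sh
# Added example: report which credentials the AWS CLI would sign with.
# ini_get / cred_source are names made up for this example.

# Read one key from one profile of an INI-style credentials file.
ini_get() {  # usage: ini_get FILE PROFILE KEY
    [ -r "$1" ] || return 0
    awk -v want="[$2]" -v key="$3" '
        /^[ \t]*\[/ { gsub(/[ \t\r]/, ""); in_sec = ($0 == want); next }
        in_sec {
            eq = index($0, "=")
            if (eq == 0) next
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/^[ \t]+|[ \t\r]+$/, "", k)
            gsub(/^[ \t]+|[ \t\r]+$/, "", v)
            if (k == key) { print v; exit }
        }' "$1"
}

# Print one verdict word:
#   env-overrides-file  env vars set and differ from the file (stale keys)
#   env-matches-file    env vars set, same values as the file
#   env-only            env vars set, profile not found in the file
#   file                no env vars, profile found in the file
#   none                no usable key pair found
cred_source() {  # usage: cred_source FILE [PROFILE]
    file=$1; profile=${2:-default}
    f_id=$(ini_get "$file" "$profile" aws_access_key_id)
    f_secret=$(ini_get "$file" "$profile" aws_secret_access_key)
    if [ -n "${AWS_ACCESS_KEY_ID:-}" ] && [ -n "${AWS_SECRET_ACCESS_KEY:-}" ]; then
        if [ -z "$f_id" ]; then echo env-only
        elif [ "$AWS_ACCESS_KEY_ID" = "$f_id" ] &&
             [ "$AWS_SECRET_ACCESS_KEY" = "$f_secret" ]; then echo env-matches-file
        else echo env-overrides-file
        fi
    elif [ -n "$f_id" ] && [ -n "$f_secret" ]; then echo file
    else echo none
    fi
}

# Run as "sh script.sh check" to test the real credentials file.
if [ "${1:-}" = "check" ]; then
    cred_source "${AWS_SHARED_CREDENTIALS_FILE:-$HOME/.aws/credentials}" \
                "${AWS_PROFILE:-default}"
fi
```

The CLI's own aws configure list gives the same answer from its side: the Type column shows whether each value came from the environment or from the shared credentials file.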