Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

"The AWS Access Key Id you provided does not exist in our records." when trying to use AWS CLI

I'm trying to access my S3 Bucket through the cli. I have everything setup up such as having a credentials file where I'm doing this cli work, making sure my environment variables for $AWS_SECRET_ACCESS_KEY and $AWS_ACCESS_KEY_ID have the right things in it, and manually setting them using aws configure.

credentials contains the following information, all blanked out that is:

[sts]
aws_access_key_id = ASIAXXXXXXXXXXXXXXXX
aws_secret_access_key = XXXXXXXXXXXXXXXXXXXXXXXXX
aws_security_token = XXXXXXXXXXXXXXXXXXXXXX
aws_session_expiration = 2018-11-03T00:21:25+0000
aws_session_token = XXXXXXXXXXXXXXXXXXXXXXX
[default]
aws_access_key_id = ASIAXXXXXXXXXXXXXXXXXXX
aws_secret_access_key = XXXXXXXXXXXXXXXXXXX

Also just to make sure I have everything setup, I also ran aws configure:

(venv) ~/.aws $ aws configure list
      Name                    Value             Type    Location
      ----                    -----             ----    --------
   profile                <not set>             None    None
access_key     ****************XXXX shared-credentials-file
secret_key     ****************XXXX shared-credentials-file
    region  

          us-east-1      config-file    ~/.aws/config

However, when I run the following, it says I have this error:

(venv) ~/.aws $ aws s3 sync s3://mybucket/my/path ~/my/path
fatal error: An error occurred (InvalidAccessKeyId) when calling the ListObjectsV2 operation: The AWS Access Key Id you provided does not exist in our records.

I have no idea how to get around this and exhausted all my Googling options.

like image 235
theGreenCabbage Avatar asked Nov 02 '18 23:11

theGreenCabbage


Video Answer


1 Answers

Credentials starting with ASIA are temporary credentials generated via the Security Token Service, and must be used with a Token.

When you run your aws s3 sync command, it is using the [Default] credentials that do not have aws_security_token defined.

Try adding --profile sts to the command to make it use the [sts] credentials.

like image 130
John Rotenstein Avatar answered Oct 14 '22 21:10

John Rotenstein