Setting AWS Credentials: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 5: | Line 5: | ||
* [[Amazon_AWS_Security_Procedures#Setting_AWS_Credentials|AWS Security Procedures]] | * [[Amazon_AWS_Security_Procedures#Setting_AWS_Credentials|AWS Security Procedures]] | ||
* [[AWS_SDK_for_Java_Concepts#Working_with_AWS_Credentials|AWS SDK for Java Concepts]] | |||
=Procedure= | =Procedure= | ||
| Line 27: | Line 28: | ||
aws_access_key_id=... | aws_access_key_id=... | ||
aws_secret_access_key=... | aws_secret_access_key=... | ||
{{External|https://docs.aws.amazon.com/sdk-for-java/v2/developer-guide/credentials.html}} | |||
com.uplift.dev.cryptm.CryptoConverterTests > convertToDatabaseColumn_convertToEntityAttribute STANDARD_ERROR | |||
30-Nov-2018 03:46:58 com.amazonaws.services.kms.model.AWSKMSException: User: arn:aws:sts::144446676909:assumed-role/IamBambooBuildRole/i-07683b7dde59c0696 is not authorized to perform: kms:GenerateDataKey on resource: arn:aws:kms:us-west-2:673499572719:key/0138371a-8054-4c96-9d1f-20a4db2c4ffd (Service: AWSKMS; Status Code: 400; Error Code: AccessDeniedException; Request ID: 49ba097c-506b-4387-a3a3-7bee0e2e9efd) | |||
Revision as of 06:02, 30 November 2018
External
- https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html#credentials-file-format
Internal
Procedure
Provision the API access keys for the Amazon IAM user that will use the API. More details about access keys here: Amazon AWS API Access Keys.
Access keys can be specified on command line every time an ec2 command is issued, with:
-aws-access-key or -O --aws-secret-key or -W
or by setting the following environment variables:
export AWS_ACCESS_KEY=your-aws-access-key-id export AWS_SECRET_KEY=your-aws-secret-key
In case the Java process that is performing the call does not have access to the environment, the credentials may be specified in .aws/credentials:
[default] aws_access_key_id=... aws_secret_access_key=...
com.uplift.dev.cryptm.CryptoConverterTests > convertToDatabaseColumn_convertToEntityAttribute STANDARD_ERROR 30-Nov-2018 03:46:58 com.amazonaws.services.kms.model.AWSKMSException: User: arn:aws:sts::144446676909:assumed-role/IamBambooBuildRole/i-07683b7dde59c0696 is not authorized to perform: kms:GenerateDataKey on resource: arn:aws:kms:us-west-2:673499572719:key/0138371a-8054-4c96-9d1f-20a4db2c4ffd (Service: AWSKMS; Status Code: 400; Error Code: AccessDeniedException; Request ID: 49ba097c-506b-4387-a3a3-7bee0e2e9efd)