Reputation: 22021
EC2ResponseError: 401 Unauthorized AWS was not able to validate the provided access for an ec2 instance
I have two ec2 instances A and B both in same region, security group etc. I use boto to perform connection.
After updating boto from version 2.34.0 to version 2.35.0 I cannot connect to host from instance A, but able to connect from instance B.
AuthFailureAWS was not able to validate the provided access credentials
I have found out that possible reason of such issue is that boto Switch elb/ec2 over to signature version 4
How does that possible that I am able to connect from machine B, but couldn't connect from machine A ?( python code responsible for connection same on both instances)
What could cause such strange situation ? Thanks
Upvotes: 4
Views: 2554
Answers (1)
Reputation: 45846
The SigV4 authentication method places a greater demand on keeping the clock on the requesting device in sync with the clock on the server. It's possible that the clock on the instance that is no longer working has drifted past the 5 minute limit but is still within the 15 minute limit required by the previous SigV2 signing algorithm.
Try sync'ing the clock on both instances.
Upvotes: 5
Related Questions
- boto.exception.EC2ResponseError: EC2ResponseError: 403 Forbidden (rights issue or something else)
- NoCredentialsError : Unable to locate credentials - python module boto3
- unable to loacte credentials while make a connection with DB using boto3
- Boto3: AuthFailure when trying to query AWS with EC2 Client
- Boto Exception NoAuthHandler Found
- Python AWS Boto3 SAML Auth Error
- EC2 Boto connection gives None
- Cannot connect to EC2 using python boto
- docker boto3 AWS was not able to validate the provided access credentials
- AWS-BOTO security group error