Reputation: 149
CLI command "describe-instances" throw error "An error occurred (AuthFailure) when calling the
I was able to install CLI on windows 16 AWS instance. when I try "aws ec2 describe-instances" CLI command, I get the following error
CLI command "describe-instances" throw error "An error occurred (AuthFailure) when calling the DescribeInstances operation: AWS was not able to validate the provided access credentials"
In .aws\config file I have following content:
[default]
region = us-west-2
How can authorization fail when it took my access key id and secret access key without any issue.
Upvotes: 10
Views: 25489
Answers (8)
Reputation: 2781
If you encounter this problem using AWS CLI on WSL2 (Windows Subsystem for Linux) where NTP service cannot be started:
Condition: start condition failed at ...
└─ ConditionVirtualization=!container was not met
simply use:
sudo hwclock -s
Details in this SO question.
Upvotes: 0
Reputation: 1791
For me, I had to go to the Amazon cache folder:
C:\Users\JohnDoe\.aws
Then edit the "credentials" file with Notepad++ and add the "aws_session_token" like to the file.
So my file looks like this:
[default]
aws_access_key_id=A_KEY
aws_secret_access_key=A_SECRET_ACCESS_KEY
aws_session_token=A_SESSION_TOKEN
Upvotes: 2
Reputation: 161
Verify if your datetime is sync ok.
use: ntpdate ntp.server
Upvotes: 16
Reputation: 382
My Access and Security keys are correct. My server time was good. I got error while using Ap-south-1 region. After I changed my region to us-west-2, it worked without any problem.
Upvotes: 1
Reputation: 1058
I deleted my two configuration files from .aws directory and re-ran "aws config" That fixed the problem for me.
My Steps:
- Go to your .aws directory under Users e.g. "c:\Users\Joe\.aws"
- Two files: configure and credential. Delete both files
- Rerun configure: "aws configure"
Note when you run aws configure you will need the AWS Access and Secret Key. If you don't have them you can just create another. Steps:
- Goto "My Security Credentials" Under you Account Name in AWS Console.
- Expand Access Key panel.
- Create New Access Key.
Upvotes: 9
Reputation: 169
I tried many things. Finally, just uninstalling and installing again (not repairing) did the trick. Just make sure to save a copy of your credentials (key and key ID) to use later when calling aws configure.
Upvotes: 0
Reputation: 2132
I tried setting that too on my windows environment. didn't work and getting error above.
so I tried setting my environment
SET AWS_ACCESS_KEY_ID=YOUR_ACCESS_KEY
SET AWS_SECRET_ACCESS_KEY=***YOUR_SECRET_ACCESS_KEY*
and then tried running command like "aws ec2 describe-instance"
Upvotes: 0
Reputation: 150
When you first ran aws configure, it just populated the local credentials in %UserProfile%\.aws\credentials; it didn't validate them with AWS.
(aws-cli doesn't know what rights your user has until it tries to do an operation -- all of the access control happens on AWS's end. It just tries to do what you ask, and tells you if it doesn't have access, like you saw.)
That said, if you're running the CLI from an AWS instance, you might want to consider applying a role to that instance, so you don't have to store your keys on the instance.
Upvotes: 3
Related Questions
- How Can I add description to security group from AWS CLI
- Is the AWS CLI missing data for the "ec2 describe-instancess" method?
- AWS CLI describe-instances does not return any instances
- aws describe instances showing empty list
- AWS ec2 describe Instance not working
- AWS ec2 describe-instances without have to use credentials
- AWS EC2 CLI gives inconsistent results for describe-security-groups
- Possible: AWS CLI Describe Not Equal To
- ec2-describe-instances does not return a response
- AWS ec2-authorize security group error "Unable to find group"