Reputation: 74710
Amazon AWS - some regions won't authenticate, others will?
All the time I've been with AWS, I've been using eu-west-1 and the c# code I've written authenticates just fine. It was always the intention that multiple regions would be used, so the regionURL(s) are a configuration option; literally a list of strings. Up to now the list has been 1 long.
The general way of the app working is: within a loop that enumerates the configured URLs, it creates a client and looks for an instance with a particular name pattern that is not running, and then starts it. Up to now there was only eu-west-1 configured so it would only use that regionURL when creating the client, enumerating only the stopped instances in that region
I've recently started adding EC2 instances into another region eu-central-1 so I've added the eu-central-1 region base URL to the config. I know the loop that iterates the config works properly (I've attached a debugger and inspected the string for trailing characters etc - all looks fine), and these are the configured region URLs:
https://eu-west-1.ec2.amazonaws.com
https://ec2.eu-central-1.amazonaws.com
Whenever the app comes to enumerate the region URLs it gets eu-west-1 first and that works fine, but when the loop comes around to eu-central-1 the call to .DescribeInstances(...) fails with:
AWS was not able to validate the provided access credentials
There isn't any practical difference in the way the clients are created; this is literally the exact same code that just worked for eu-west-1. I don't make any particular special effort to provide credentials to anything in code; the web.config just has key value pairs for AWSAccessKey and AWSSecretKey. I've always assumed that the AWS SDK accesses them implicitly by virtue of being a dll part of the app..
Is there something I have to do in the console to enable credentials for a region? Is the fact that the region URLs look in different orders significant (I got the central URL off amazon help docs, the west url is as it always has been)?
Upvotes: 0
Views: 113
Answers (1)
Reputation: 74710
I upgraded the AWS SDK from 1.5 to version 3.3, changing the names of various classes to reflect breaking changes to the schema of AWS namespaces but keeping all the same logic.
I also switched from specifying the region URLs in the config, to region names in the config, as the region URLs seem to be built into the SDK itself when using the static call RegionEndpoint.GetBySystemName("eu-west-1")
These were the only changes, and all started working automagically; the API keys still specified n the web config only, still operating under the assumption that the SDK finds them there itself as I don't use them in my code..
Upvotes: 1
Related Questions
- AWS Java SDK - Unable to find a region via the region provider chain
- Unable to Connect to AWS Keyspace using a particular region
- Credential should be scoped to a valid region, not 'us-west-1' using AWS SES
- Invalid security token when specifying other another region
- Why do I have to enter a region name to get the region list in my AWS account
- Cannot Restrict AWS Regions in my Account
- Unable to find a region via the region provider chain error when getting AmazonS3
- Credentials should be scoped to a valid region
- How to make 'aws ecr get-login' across regions?
- AWS was not able to validate the provided access credentials. AuthFailed only at SPECIFIC regions