• Register
0 votes

Problem :

I am having the shell script which should download some of the files from the S3 and mount the ebs drive. But I am facing following error

 "Unable to locate credentials".

I have already specified all the credentials with following command aws configure  but my commands only work outside the shell script. Can anybody guide me in resolving the issue?

Following is my shell script :

echo $1
sudo mkfs -t ext4 $1
sudo mkdir /s3-backup-test
sudo chmod -R ugo+rw /s3-backup-test
sudo mount $1 /s3-backup-test
sudo aws s3 sync s3://backup-test-s3 /s3-backup/test
du -h /s3-backup-test
ipt (short version):
6 5 3
7,540 points

2 Answers

0 votes

Solution :

If you have the .aws/config file with the roles then please make sure that your config file is correctly formatted. In my case I forgot to put the role_arn = in front of the arn. The default profile will sit in the .aws/credentials file and it contains the access key id and the secret access key of the iam identity.

The config file contains the following role details:

[profile myrole]
role_arn = arn:aws:iam::123456789012:role/My-Role
source_profile = default
mfa_serial = arn:aws:iam::987654321098:mfa/my-iam-identity

If you want you can easily test the access by calling

aws sts get-caller-identity --profile myrole

If you are having the MFA enabled like I have then you will need to enter it when prompted as follows:

Enter MFA code for arn:aws:iam::987654321098:mfa/my-iam-identity:
"UserId": "ARABCDEFGHIJKLMNOPQRST:botocore-session-15441234567",
"Account": "123456789012",
"Arn": "arn:aws:sts::123456789012:assumed-role/My-Role/botocore-session-15441234567"


9 7 4
38,600 points
0 votes


At the time I attempt to access my Amazon easy Storage Service (Amazon S3) bucket employing the AWS Command Line Interface (AWS CLI), I obtain the error "Unable to locate credentials." How can I solve this?


The AWS CLI returns this error at the time it can't allocate the credentials to authenticate AWS API calls. You should be ensure that your AWS credentials are rightly configured in the AWS CLI.

To inspect in case the AWS CLI is configured with credentials, run this command:

$ aws configure list

In case your credentials are configured in the config file, the command returns a response same to the following:

     Name                    Value             Type    Location
     ----                    -----             ----    --------
   profile                <not set>             None    None
access_key     ****************ABCD      config_file    ~/.aws/config
secret_key     ****************ABCD      config_file    ~/.aws/config
    region                us-west-2              env    AWS_DEFAULT_REGION


In case your credentials are configured in an example profile, the command returns a response similar to the following:

      Name                Value                      Type           Location
     ----                 -----                      ----           --------
     profile                <not set>             None          None
access_key     ****************YVEQ      iam-role
secret_key     ****************2a9N       iam-role
       region                <not set>            None          None

Review the response to inspect whether credentials are missing or the stored credentials are false. In case so, update your credentials.

Note: The AWS CLI invokes credential providers in a earmarked order, and the AWS CLI stops invoking providers at the time it traces a place of credentials to use. This implies that in case you have credentials configured false on a credential provider with higher predominance, you obtain the "Unable to locate credentials" error. You obtain this error even in case credentials are configured accurately on a provider with lower precedence.

10 6 4
31,120 points

Related questions

0 votes
1 answer 1.6K views
Problem : I want to setup the Amazon Linux AMI(ami-f0091d91) also I have the script that runs a copy command to copy from the S3 bucket as follows: aws --debug s3 cp s3://aws-codedeploy-us-west-2/latest/codedeploy-agent.noarch.rpm . ... awscli.customizations.s3.s3handler - DEBUG - Exception caught during task execution: A client error (403) occurred when calling the HeadObject operation: Forbidden
asked Dec 9, 2019 alecxe 7.5k points
0 votes
1 answer 11 views
Problem: I am trying to create a Security Group using the AWS SDK but it is failing to authenticate it. For a very specific Access Key and Secret Key I have already provided the Administrative rights and then also it fails to validate. I also tried ... .java:1146) at com.sunil.demo.ec2.SetupEC2.createSecurityGroup(SetupEC2.java:84) at com.sunil.demo.ec2.SetupEC2.main(SetupEC2.java:25)
asked Aug 24 Raphael Pacheco 4.9k points
0 votes
2 answers 375 views
Problem : In the MacOS Mojave terminal I am trying to install a python package with pip. At the end of it says as follows : You are using pip version 10.0.1, however version 18.1 is available. You should consider upgrading via the 'pip install --upgrade pip' command. Here ... to do.Also I just realized that it says Python 2.7 in the error message but I have python 3 and want to use only python 3.
asked Dec 10, 2019 alecxe 7.5k points
0 votes
1 answer 15 views
Problem: Which aspects of virtual memory can you configure on a Windows workstation?
asked Apr 6 ArifulIslam 5.7k points