问题
I'm trying to access my S3 Bucket through the cli. I have everything setup up such as having a credentials file where I'm doing this cli work, making sure my environment variables for $AWS_SECRET_ACCESS_KEY and $AWS_ACCESS_KEY_ID have the right things in it, and manually setting them using aws configure.
credentials contains the following information, all blanked out that is:
[sts]
aws_access_key_id = ASIAXXXXXXXXXXXXXXXX
aws_secret_access_key = XXXXXXXXXXXXXXXXXXXXXXXXX
aws_security_token = XXXXXXXXXXXXXXXXXXXXXX
aws_session_expiration = 2018-11-03T00:21:25+0000
aws_session_token = XXXXXXXXXXXXXXXXXXXXXXX
[default]
aws_access_key_id = ASIAXXXXXXXXXXXXXXXXXXX
aws_secret_access_key = XXXXXXXXXXXXXXXXXXX
Also just to make sure I have everything setup, I also ran aws configure:
(venv) ~/.aws $ aws configure list
Name Value Type Location
---- ----- ---- --------
profile <not set> None None
access_key ****************XXXX shared-credentials-file
secret_key ****************XXXX shared-credentials-file
region
us-east-1 config-file ~/.aws/config
However, when I run the following, it says I have this error:
(venv) ~/.aws $ aws s3 sync s3://mybucket/my/path ~/my/path
fatal error: An error occurred (InvalidAccessKeyId) when calling the ListObjectsV2 operation: The AWS Access Key Id you provided does not exist in our records.
I have no idea how to get around this and exhausted all my Googling options.
回答1:
Credentials starting with ASIA are temporary credentials generated via the Security Token Service, and must be used with a Token.
When you run your aws s3 sync command, it is using the [Default] credentials that do not have aws_security_token defined.
Try adding --profile sts to the command to make it use the [sts] credentials.
来源:https://stackoverflow.com/questions/53127021/the-aws-access-key-id-you-provided-does-not-exist-in-our-records-when-trying