I have a script that attempts to rotate an AWS SecretManager password:
aws --region us-east-2 secretsmanager rotate-secret --secret-id my-secret
But, currently getting the below error from AWS
An error occurred (InvalidRequestException) when calling the RotateSecret operation: A previous rotation isn't complete. That rotation will be reattempted.
Is there a way to force the secret to rotate?
Related
aws --profile xx cognito-idp list-users --user-pool-id xxx --filter cognito:user_status="CONFIRMED"
An error occurred (InvalidParameterException) when calling the ListUsers operation: Error while parsing filter. Let me know what is wrong in that code.
I have been trying to enable default server-side encryption for s3 bucket. However, the command fails with the following error:
[root#dcm-development s3]# aws --profile S3-es-xx-xx-xx-test --endpoint-url https://es-xx-xx-z2.eecloud.xx.net s3api put-bucket-encryption --bucket bucketname --server-side-encryption-configuration '{"Rules": [{"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]}'
An error occurred (InvalidArgument) when calling the PutBucketEncryption operation: Unknown
awscli / Python version:
root#e3a8f6bbbdbc:/app# aws --version
aws-cli/1.18.117 Python/3.6.5 Linux/3.10.0-1062.9.1.el7.x86_64 botocore/1.17.40
I would really appreciate if someone can point out the mistake here. Other operations are working fine such as: put-bucket-policy, delete-bucket-policy, etc.
Im am currently trying to login to the Amazon ECR using the following command aws ecr get-login --region eu-west-2 --no-include-email and am recieveing the following error;
An error occurred (AccessDeniedException) when calling the GetAuthorizationToken operation: User: arn:aws:iam::************:user/referral is not authorized to perform: ecr:GetAuthorizationToken on resource:
Here is what I have currently tried;
Assinging amazonec2containerregistryfullaccess to both user and group
2FA disabled
I also tried to add a Statement within the premissions section of the repo that I had created within Amazon ECR
All the solutions above failed and I am still receieveing the same error, any help on this would be greatly appreciated !
Changing access tokens in both ~/.aws/credentials and ~/.aws/config worked for me.
sudo vim ~/.aws/config
sudo vim ~/.aws/credentials
I try to use aws cli with docker images.
the command line like :
slu#machine:/c/work/dfsi$ export AWS_PROFILE=role-development
slu#machine:/c/work/dfsi$ aws ecr get-login
An error occurred
(AccessDeniedException) when calling the GetAuthorizationToken
operation: User: arn:aws:iam::XXXXXXXXXXXX:user/slu is not authorized
to perform: ecr:GetAuthorizationToken on resource: *
but I can do:
aws ecr get-login --profile=role-development
What I want to do isn't obviously write --profile and try to do it with hidden --profile variable?
How to do that?
The below environmental variable is working for me as expected.
AWS_DEFAULT_PROFILE=profile-name
step1: echo $AWS_DEFAULT_PROFILE to see what's your environment variable.
step2: export AWS_DEFAULT_PROFILE=your_aws_default_profile_name
To verify, simply run aws iam list-users to see what comes back based on your profile.
If you have AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY set then they will override anything in AWS_PROFILE and AWS_DEFAULT_PROFILE
I have a user in AWS having Full admin access but still when I try to describe my EC2 instances or List S3 buckets, I get an Access denied error message - examples below. Any help will be greatly appreciated.
aws s3 ls
An error occurred (AccessDenied) when calling the ListBuckets operation: Access Denied
aws ec2 describe-instances --region eu-west-2
An error occurred (UnauthorizedOperation) when calling the DescribeInstances operation: You are not authorized to perform this operation.
From the command prompt or Linux shell type "aws configure". Verify that the credentials and default region are correct (the last four characters will be displayed). I had the same problem today and I forgot to configure my access keys on a new machine.