Decoding an Encrypted Authorization/Error message in AWS - amazon-web-services

Some actions that involve IAM permissions may return a Client.UnauthorizedOperation response.

You can decrypt the message from the CLI using the following command:
$> aws sts decode-authorization-message --encoded-message <encoded message from error>
This will give you an output that looks like:
{"allowed":false,"explicitDeny":false,"matchedStatements":{"items":[]},"failures":{"items":[]},"context":{"principal":{"id":"APOZIAANAVSK6I6FK2RQI:i-66c78ee7","arn":"arn:aws:sts::<aws-account-id>:assumed-role/my-role-ec2/i-123456e7"},"action":"iam:PassRole","resource":"arn:aws:iam::<aws-account-id>:role/my-role-ec2","conditions":{"items":[]}}}
The decoded error message is itself JSON, returned as a string inside the quotes ("") of the CLI's JSON output, so by default its embedded quotes (") are escaped as \". To make the error easier to read, extract the message portion and use a text editor to replace \" with ".
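The manual unescaping step above can be replaced by parsing the JSON twice. The following is an added example, not part of the original page: it assumes the CLI response carries the escaped message in a `DecodedMessage` field, uses a sample response constructed from the output shown above with a placeholder account ID, and the function names are hypothetical.

```python
import json

ACCOUNT = "111122223333"  # placeholder account ID (constructed)
# Constructed sample of the CLI response: the decoded message shown above,
# carried as an escaped JSON string in the DecodedMessage field (assumption).
_DECODED = {
    "allowed": False, "explicitDeny": False,
    "matchedStatements": {"items": []}, "failures": {"items": []},
    "context": {
        "principal": {"id": "APOZIAANAVSK6I6FK2RQI:i-66c78ee7",
                      "arn": f"arn:aws:sts::{ACCOUNT}:assumed-role/my-role-ec2/i-123456e7"},
        "action": "iam:PassRole",
        "resource": f"arn:aws:iam::{ACCOUNT}:role/my-role-ec2",
        "conditions": {"items": []}},
}
SAMPLE_CLI_OUTPUT = json.dumps({"DecodedMessage": json.dumps(_DECODED)})


def decode_cli_output(cli_output: str) -> dict:
    """Parse the CLI response, then parse the escaped JSON string inside it."""
    outer = json.loads(cli_output)
    return json.loads(outer["DecodedMessage"])  # second parse undoes the \" escaping


def summarize(decoded: dict) -> dict:
    """Reduce the decoded message to who was denied which action on what."""
    ctx = decoded["context"]
    if decoded.get("allowed"):
        verdict = "allowed"
    elif decoded.get("explicitDeny"):
        verdict = "explicit deny"
    else:
        verdict = "implicit deny (no statement allows the action)"
    return {"principal": ctx["principal"]["arn"], "action": ctx["action"],
            "resource": ctx["resource"], "verdict": verdict,
            "matched_statements": len(decoded["matchedStatements"]["items"])}


if __name__ == "__main__":
    print(json.dumps(summarize(decode_cli_output(SAMPLE_CLI_OUTPUT)), indent=2))
```

For the sample, the summary shows an implicit deny of iam:PassRole on the role, which points to a missing Allow statement rather than a conflicting Deny.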

Related

aws ses automation script : Error parsing parameter '--destination': Expected: '=', received: '@' for input:

I've been a reader for a while. Usually deal with stuff on my own but today I need a hint.
So I've been tasked to run an email campaign at my new job (100k audience) with minimal budget spent and very short notice (tomorrow). I leaned toward AWS (Amazon Web Services) because Amazon SES (Simple Email Service) is very cheap and you only pay what you use.
Tried to use AWS SDK on command line. I made a tiny script to read the addresses file (.txt) line by line and execute a send mail command
#! /bin/bash
file='./test-list.txt'
from='sender@domain.com'
for line in $(<$file)
do
#send mail
aws ses send-templated-email --source=$from --destination=$line --template 'test' --template-data ""
done
Script returned the error message:
Error parsing parameter '--destination': Expected: '=', received: '@' for input:
To:recipient@domain.com
Now I'm not the bash king, but I've tried different parameter formulations and nothing got me rid of the error.
Each line from the input file is a correct email address, and this looks like a parsing issue, but I don't get it.
Any ideas? It would help a ton :)
You need to use the correct format for destination from https://docs.aws.amazon.com/cli/latest/reference/ses/send-templated-email.html#options
Example using send-email:
aws ses send-email --from "example.com" --destination "ToAddresses=${line}" --text "hello world!" --subject "test"
Example like the one given:
aws ses send-templated-email --source $from --destination "ToAddresses=${line}" --template "test" --template-data ""

AWS Cli: How to capture error to a variable instead of printing in the console

I'm trying to prepare a script (.bat /.sh) with multiple commands and one of them is AWS Cli, and output of the execution has to be taken to a variable.
If the command is executed successfully, it is returning the output that is expected, otherwise the error is printed on the console rather than to the variable.
Any leads on this would be appreciated
Try below to redirect your standard error to the standard output and then store the standard output into the variable. This way you always get both so you can use $? to identify if the output is of type stderr or stdout
aws cli return codes
get_user=$(aws iam get-user --user-name johnDoe 2>&1)
echo $?
echo "$get_user"
255
An error occurred (NoSuchEntity) when calling the GetUser operation: The user with name johnDoe cannot be found.

AWS EMR: Error parsing parameter: Expected: '=', received: 'EOF' for input:

I'm trying to create a cluster from inside one of my EC2 instances. Typing the following command to start my cluster-
aws emr create-cluster --release-label emr-5.20.0 --instance-groups instance-groups.json --auto-terminate and so on...
I receive the following error-
Error parsing parameter '--instance-groups': Expected: '=', received: 'EOF' for input:
instance-groups.json
^
I already tried --instance-groups=instance-groups.json, but I get the same error message.
What's wrong here?
The reason this was failing was because AWS has strict rules when it comes to providing the path for reading files within your EC2 instance.
So, if you want to read the file instance-groups.json (assuming it is in the same directory from where you're running the aws emr CLI command), you must provide file://instance-groups.json as the filename, instead of the straightforward instance-groups.json.
Got this same error message for importing a JSON file in AWS DynamoDB; I was trying to import it from an S3 bucket.
Error parsing parameter '--instance-groups': Expected: '=', received: 'EOF' for input: instance-groups.json
The issue got fixed when I moved the file locally and executed the command with file://
So thanks
You have to provide like:-
--key Name=123456789
Had similar error as "Expected: ',', received: 'EOF' for input:". I noticed there was a string with space in one of my arguments. Fixed the space issue and it was resolved.
--lifecycle-configuration file://C:/Users/MyUser/Desktop/AMZ/lifecycle.json
This way works too.

Send email attachment using AWS SES CLI

I'm trying to send email attachments using the SES CLI, but every time the mail arrives and I open the attachment I get an error in Adobe:
could not open the file because it is either not a supported file type or because the file has been damaged.
The command I'm using is:
aws ses send-raw-email --raw-message file:///root/AWS/INSPECTOR/message.json
And the contents of that file is:
{
"Data": "From: sender@exmple.com\nTo: recipient@example.com\nSubject: Test email sent using the AWS CLI (contains an attachment)\nMIME-Version: 1.0\nContent-type: Multipart/Mixed; boundary=\"NextPart\"\n\n--NextPart\nContent-Type: text/plain\n\nThis is the message body.\n\n--NextPart\nContent-Type: application/pdf;\nContent-Disposition: attachment; filename=\"report.pdf\";\npath=\"\/tmp\/report.pdf\"\n\n--NextPart--"
}
I've seen the page at http://docs.aws.amazon.com/cli/latest/reference/ses/send-raw-email.html but I can't quite get the syntax correct, so any help would be appreciated....
The attachment should be passed in Base64 encoding with specifying Content-Transfer-Encoding: base64 in the MIME.
Here is the link of previous thread where I answered:
Sending aws cli SES as a file attachmennt
I was able to write some code for a college to solve the same issue for plain/text. I did try this with a PDF type but unfortunately I wasn't able to get that working correctly, the received file seemed to be corrupt. I think for other file types you have to encode it in base64 but not sure on the exact structure to be used with the cli.
echo '{"Data": "From: from@domain.com\nTo: to@domain.com\nSubject: [Subject]\nMIME-Version: 1.0\nContent-type: Multipart/Mixed; boundary=\"NextPart\"\n\n--NextPart\nContent-Type: text/plain\n\n[Body]\n\n--NextPart\nContent-Type: text/plain;\nContent-Disposition: attachment; filename=\"test.txt\"\n\n'$(cat ./input.txt)'\n--NextPart--"}' > message.json && aws ses send-raw-email --region eu-west-1 --raw-message file://./message.json
Essentially the cat command in the middle writes the text into the message.json so that it can be dynamic. Hope this helps someone.
EDIT
Thanks to @James Dean:
The following is an example with a PDF attachment:
echo '{"Data": "From: from@domain.com\nTo: to@domain.com\nSubject: [Subject]\nMIME-Version: 1.0\nContent-type: Multipart/Mixed; boundary=\"NextPart\"\n\n--NextPart\nContent-Type: text/plain\n\n[Body]\n\n--NextPart\nContent-Type: application/pdf;\nContent-Disposition: attachment; filename=\"test.pdf\"\nContent-Transfer-Encoding: base64\n\n'$(base64 test.pdf)'\n--NextPart--"}' > message.json && aws ses send-raw-email --region eu-west-1 --raw-message file://./message.json
Cheers,
Alexei Blue.
The sample you tried to adapt adds plain text and embeds it in the email. You are trying to add a PDF; however, you are only adding the header to the mail, but you aren't adding the PDF's content.
You need to embed the PDF base64 encoded as well.
Doing a quick search, this answer to the slightly different question "How to embed images in email" might help you with the embedding. Instead of an image you want to embed a PDF in this case.
If you properly prepare your JSON, it should work with the aws-cli.
Using AWS CLI v2 to send a zip file:
echo '{"Data": "From: test@test.com\nTo: test@test.com\nSubject: Test email sent using the AWS CLI (contains an attachment)\nMIME-Version: 1.0\nContent-type: Multipart/Mixed; boundary=\"NextPart\"\n\n--NextPart\nContent-Type: text/plain\n\nThis is the message body.\n\n--NextPart\nContent-Type: application/zip;\nContent-Disposition: attachment; filename=\"file.zip\"\nContent-Transfer-Encoding: base64\n\n'$(base64 file.zip)'\n\n--NextPart--"}' > message2.json; /usr/local/bin/aws ses send-raw-email --cli-binary-format raw-in-base64-out --raw-message file://message2.json
This way you have encoded the file in base64, the HEADER specifies that, and then you send the rest of the data in raw format, and the CLI will encode that for you.
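The answers in this thread assemble the MIME text and its JSON wrapper by hand, which is where the missing attachment body, misplaced headers and unescaped quotes come from. As an added example (not code from any of the posters), the following builds the same `message.json` with Python's standard `email` and `json` modules and checks that the attachment survives the round trip; the function names, addresses and attachment bytes are constructed for illustration.

```python
import base64
import json
from email import message_from_string, policy
from email.message import EmailMessage

# Constructed stand-in for a small binary attachment (not a file from the thread).
SAMPLE_ATTACHMENT = b"%PDF-1.4\n%\xe2\xe3\xcf\xd3\nconstructed sample bytes\n%%EOF\n"


def build_raw_message_json(sender, recipient, subject, body,
                           attachment, filename, subtype="pdf",
                           data_as_base64=False):
    """Return the JSON document for `--raw-message file://message.json`."""
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = sender, recipient, subject
    msg.set_content(body)
    # add_attachment() base64-encodes the bytes and writes the
    # Content-Transfer-Encoding and Content-Disposition headers itself.
    msg.add_attachment(attachment, maintype="application",
                       subtype=subtype, filename=filename)
    raw = msg.as_string()
    if data_as_base64:
        # AWS CLI v2 reads blob parameters as base64 unless
        # --cli-binary-format raw-in-base64-out is given.
        raw = base64.b64encode(raw.encode("utf-8")).decode("ascii")
    # json.dumps escapes quotes and newlines, which hand-built JSON gets wrong.
    return json.dumps({"Data": raw})


def attachment_from_json(message_json):
    """Round-trip check: parse the MIME text back and return (name, bytes)."""
    raw = json.loads(message_json)["Data"]
    msg = message_from_string(raw, policy=policy.default)
    part = next(msg.iter_attachments())
    return part.get_filename(), part.get_content()


if __name__ == "__main__":
    doc = build_raw_message_json("sender@example.com", "recipient@example.com",
                                 "Test email with attachment", "This is the message body.",
                                 SAMPLE_ATTACHMENT, "report.pdf")
    with open("message.json", "w") as fh:
        fh.write(doc)
    print(attachment_from_json(doc))
```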

Not able to get Amazon SNS logs

Below is the log stream I am getting with the CLI command :
And I am also getting the log streams as below:
But while accessing a log stream I am getting the below error:
So could you please help me where I am wrong or why the error is coming. Thanks in advance.
Try passing the values for log stream name and group name as double quoted strings, maybe the params are not getting passed correctly