Ubuntu, Serverless Framework, AWS Credentials Failing - amazon-web-services

I cannot seem to get my AWS provider to use my AWS credentials in the Docker Containers
I have ran all of these so far
serverless config credentials --provider provider --key key --secret secret
&
aws configure
☝️ ran through the prompts and plugged in my info
&
export AWS_ACCESS_KEY_ID=blah
export AWS_SECRET_ACCESS_KEY=blah
export AWS_DEFAULT_REGION=east-whatever
But still, get stopped by AWS
ServerlessError: AWS provider credentials not found. Learn how to set up AWS provider credentials in our docs here:.
I have also generated and regenerated my IAM creds multipule time, also whne I run aws configure list it returns
Name Value Type Location
---- ----- ---- --------
profile <not set> None None
access_key ****************67GT shared-credentials-file
secret_key ****************6glt shared-credentials-file
region us-east-2 config-file ~/.aws/config
I am not sure what else to do, I am on Ubuntu 20.04 using Bash

I will take approach of setting everything using aws-cli ( hence aws cli installation is imp)
install aws cli
run aws configure -> enter your creds, this info will be stored in profile called default in ~/.aws/credentials file. docs.
verify your configuration by checking ~/.aws/config ~/.aws.credentials file
for serverless frame work deployment use this serverless deploy.
if mutiple profiles needs to be used use sls deploy --aws-profile profile-name

Related

How can I get AWS CLI to recognize my config file?

I'm trying to spin up a s3 bucket via the AWS CLI and I'm getting the error "upload failed: .\mylocalfile.txt to s3://testBucket/mylocalfile.txt Unable to locate credentials".
I've ran aws configure and aws configure set on a default profile and i've done aws configure on a specific profile as well. In either case when I run AWS configure list I get the following
Name Value Type Location
---- ----- ---- --------
profile TestProfile manual --profile
access_key <not set> None None
secret_key <not set> None None
region us-east-1 config-file ~/.aws/config
the secret key is set in the same config file as the region but they are being located for some reason.
When I run AWS configure list --profile TestProfile I expect the credentials set in AWS configure to appear properly.

AWS CDK deploy from circleCi fails with credential error but other aws services do not

I am running a cdk deploy build on circleCi, and when the step CDK deploy comes it gives me "Need to perform AWS calls for account ************, but no credentials have been configured".
But for the troubleshooting i tried other commands as well like
aws s3 ls
aws aws cloudformation list-stacks
These above commands we working fine, also able to run command to create a cloudformation with same config but not able to run cdk deploy. the access key and secret i am using has Admin access.
Set the creds with a profile name using aws-cli Orb in CircleCI and
try using the below command to deploy with CDK
cdk deploy --all --profile cdkprofile
For reference, in CircleCI
orbs:
aws-cli: circleci/aws-cli#2.0.3
commands:
env-setup:
description: AWS Env Setup
steps:
- aws-cli/setup:
profile-name: cdkprofile
aws-access-key-id: AWS_ACCESS_KEY_ID
aws-secret-access-key: AWS_SECRET_ACCESS_KEY
And assumption is AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY are set as CircleCI env variables
As a starting note: The best way to troubleshoot is with cdk [command] --verbose (see CLI ref)
CDK has an internal mechanism for finding credentials not directly using AWS CLI (AWS CLI is not a requirement for CDK to run)
In a similar situation with a CI tool, the issue was simply that the ~/.aws/credentials file did not exist (not that you need it with AWS CLI, but in the situation for CDK, it was required)
Credit to this issue reporting: https://github.com/aws/aws-cdk/issues/6947#issue-586402006
Solution tested for above:
For an EC2 running CI tool, with EC2 IAM role
Where ~/.aws/config exists and defined profile(s) with:
credential_source = Ec2InstanceMetadata
role_arn = arn:aws:iam:::role/role-to-assume-in-acctId
Create empty ~/.aws/credentials file
Example error for the problem solved above (from verbose output)
Resolving default credentials
Notices refreshed
Unable to determine the default AWS account: ProcessCredentialsProviderFailure: Profile myprofile did not include credential process
Other causes found in other issues/comments could relate to:
Duplicate profiles
Having credential_process in the profile, set to empty
Needing --profile parameter to be added

Setting up AWS credentials

I am having problems configuring my AWS credentials on Serverless using my terminal. Once I place:
serverless config credentials --provider aws --key xx --secret xxx --profile serverless-admin2
After that the system responds "setting up aws..." and doesn't do anything else. Am I doing something wrong?
The command just only creates a new entry in your ~/.aws/credentials file. Thus to check if it worked, inspect ~/.aws/credentials and see if [serverless-admin2] profile was created with your aws keys.
If not, you can add the profile yourself there.

AWS Secrets Manager - use secrets in local Codebuild container

I have database credentials stored in AWS Secrets Manager which I'd like to pull and set as environment variables in a localised Codebuild container. I am using the 4.0 Codebuild image and the codebuild_build.sh script to test Codebuild on my local machine.
Currently my buildspec.yml looks like this at the start:
version: 0.2
env:
secrets-manager:
DATABASE_USER: <secret_name>:<secret_key_for_database_user>
When I run the script I get this:
agent_1 | [Container] 2020/12/06 21:30:16 Phase context status code: Secrets Manager Error Message: ResourceNotFoundException: Secrets Manager can't find the specified secret.
agent_1 | [Container] 2020/12/06 21:30:16 Runtime error (*clienterr.PhaseContextError: ResourceNotFoundException: Secrets Manager can't find the specified secret.)
I've tried obtaining the secret using the aws client and that works fine. I don't think it's an issue with my credentials because I get to this step when running the codebuild_build.sh script with the -c option and when hardcoding my aws secret key id and the secret key itself into the buildspec.yml. I have also tried using the full ARN of the secret but have had no luck.
Is there a trick that I'm missing here? Do I need to update the resource permissions on the secret itself inside the AWS Secrets Manager or on Codebuild, (both locally and on AWS)?

AWS Lambda Serverless deploy asking for AWS provider credentials

I have configured serverless with key and secret.
When i try to run serverless deploy it says:
ServerlessError: AWS provider credentials not found. Learn how to set up AWS provider credentials in our docs here:.
Please help me what to do
This is how to setup AWS credentials on the local:
Sign in to AWS console
Go to your AWS account overview
Account menu in the upper-right (has your name on it)
sub-menu: Security Credentials
Copy <Access Key ID>
Copy <Secret Access Key>
Run on local serverless config credentials --provider aws --key <Access Key ID> --secret <Secret Access Key>
You can set up your serverless credentials by using the serverless config credentials command, with --provider aws and using --key and --secret to set your AWS Access Key ID and Secret Access Key, respectively.
See the Serverless AWS - Config Credentials documentation for Serverless specifics, and this AWS document on security credentials in case you need to figure out what your credentials are.
Also give your profile and region configuration in your yml file
provider:
name: aws
runtime: python2.7
lambdaHashingVersion: 20201221
profile: 'serverless-admin'
region: 'us-east-1'
I had the same problem. I try everything. I configure my credentials (AWS key and secret) with both aws cli and serverless cli but still got that same error when I run:
sls deploy -v
I was using CMD before then I realize something when I run the command
aws configure list
the output is
Name Value Type Location
---- ----- ---- --------
profile <not set> None None
access_key ****************SOU5 shared-credentials-file
secret_key ****************Cki5 shared-credentials-file
region eu-west-1 config-file ~/.aws/config
the path of the config file is
~/.aws/config
and CMD don't know what ~/ PATH IS but Bash does know
😈
then I run the
sls deploy -v
on bash terminal and it worked 🎉🙌🙌🎉🐱‍🏍
For those who has the same problem, even when already configured the AWS credentials for serverless, by running the command serverless config credentials:
I had the same problem; even when I had set up properly my AWS credentials on serverless, when I run the serverless deploy command, I got this: ServerlessError: AWS provider credentials not found.
How did I solved it? By installing and configuring the AWS CLI Tool. Once I installed it and configured it with my AWS credentials, and then run again the serverless deploy command, it just works fine.
I guess the serverless command, behind the scenes, uses the AWS CLI to access AWS and provision the AWS resources.
I hope this could be helpful for someone.