DEVHIDE
Login Or Sign up

DescribeInstances operation: AWS was not able to validate the provided access credentials

3.4k Views Asked by At

I am running a rundeck job in python in a workflow to start an instance. I receive the following boto3 exception for ap-south-1 region

Regions are: ['ap-south-1']
10:13:58    Traceback (most recent call last):
10:13:58      File "/var/lib/rundeck/pyscripts/rundeck_refactored_code/aws_zabbix/workflow_start.py", line 115, in <module>
10:13:58        start_instance()
10:13:58      File "/var/lib/rundeck/pyscripts/rundeck_refactored_code/aws_zabbix/workflow_start.py", line 80, in start_instance
10:13:58        res_inst = ec2.describe_instances(Filters=[{'Name': 'network-interface.addresses.private-ip-address', 'Values': [sys.argv[2]]}])
10:13:58      File "/usr/local/lib/python3.6/site-packages/botocore/client.py", line 316, in _api_call
10:13:58        return self._make_api_call(operation_name, kwargs)
10:13:58      File "/usr/local/lib/python3.6/site-packages/botocore/client.py", line 635, in _make_api_call
10:13:58        raise error_class(parsed_response, operation_name)
10:13:58    botocore.exceptions.ClientError: An error occurred (AuthFailure) when calling the DescribeInstances operation: AWS was not able to validate the provided access credentials
10:13:58    Failed: NonZeroResultCode: Result code was 1

I am using a secret key engine to authorize the access key & secret key from AWS & have defined the policy document defined

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "ec2:StartInstances",
        "ec2:StopInstances",
        "ec2:RebootInstances",
        "ec2:DescribeInstances",
        "ec2:DescribeInstanceStatus",
        ...

With python 3.6.8 on Centos7. boto3==1.14.20

As per the answer from this question.

After some time I tried the same script from the virtual machine host instead of rundeck the script executed successfully without any errors. Request an AWS expert or someone who experienced this to look into this issue.

the code around the error is:

    for region in regions:
        ec2 = boto3.client('ec2',region_name=region,aws_access_key_id=access_key, aws_secret_access_key=secret_key)
        res_inst = ec2.describe_instances(Filters=[{'Name': 'network-interface.addresses.private-ip-address', 'Values': [sys.argv[2]]}])

I have the access key & secret key retrieved from the secret engine

python-3.x amazon-web-services amazon-ec2 boto3 rundeck
Original Q&A
1

There are 1 best solutions below

2
On

Can you confirm your rundeck machine date time if it is synchronized or not?

To check your current time on CentOS.

date

You can consider to use ntpd to sync your machine with latest date time.

ntpd -g -q

Related Questions in PYTHON-3.X

Related Questions in AMAZON-WEB-SERVICES

Related Questions in AMAZON-EC2

Related Questions in BOTO3

Related Questions in RUNDECK

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Popular Questions

Copyright © 2021 Jogjafile Inc.