Access denied to S3 bucket from AWS CLI

0

Hi,

I'm able to access an S3 bucket from the console. But when I try to use the AWS CLI command 'aws s3 ls s3://<bucket name>/', I get the message 'An error occurred (AccessDenied) when calling the ListObjectsV2 operation: Access Denied'. The CLI profile region is the same as the S3 bucket region. The access key and secret access key are all correct. What could I have missed? Thanks.

3 Answers
0
Accepted Answer

Thanks all for your advice. The root cause was identified and the issue is resolved now. MFA was enforced in the CLI and a temporary token was not set up in the profile, hence I was unable to access the AWS services from the CLI. The MFA enforcement has been removed for the AWS service I need to access in the CLI and it's working now.

answered a year ago
EXPERT
reviewed a month ago
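The root cause in the accepted answer, modelled as an added example (not code from the thread or from AWS): a simplified evaluator showing why the same user is allowed from an MFA console session but denied from a CLI profile that holds only a long-term access key. The deny statement, the request contexts and the function names are assumptions made for illustration; `bucketname` is the placeholder used elsewhere in this thread.

```python
from fnmatch import fnmatchcase

# Constructed policy: the thread's s3:ListBucket allow plus an assumed
# "deny unless MFA" statement of the common shape. "bucketname" is a placeholder.
POLICY = [
    {"Effect": "Allow", "Action": ["s3:ListBucket"],
     "Resource": ["arn:aws:s3:::bucketname"]},
    {"Effect": "Deny", "Action": ["s3:*"], "Resource": ["*"],
     "Condition": {"BoolIfExists": {"aws:MultiFactorAuthPresent": "false"}}},
]

# Constructed request contexts. Long-term access keys carry no
# aws:MultiFactorAuthPresent key at all; temporary credentials always do.
CONTEXTS = {
    "console sign-in with MFA": {"aws:MultiFactorAuthPresent": "true"},
    "CLI, long-term access key": {},
    "CLI, session token without MFA": {"aws:MultiFactorAuthPresent": "false"},
    "CLI, session token with MFA": {"aws:MultiFactorAuthPresent": "true"},
}

def condition_holds(condition, ctx):
    """Simplified Bool / BoolIfExists matching (not IAM's real engine)."""
    for operator, pairs in condition.items():
        for key, wanted in pairs.items():
            if key not in ctx:
                if operator.endswith("IfExists"):
                    continue      # absent key: ...IfExists counts as a match
                return False      # absent key: plain Bool does not match
            if ctx[key].lower() != wanted.lower():
                return False
    return True

def evaluate(action, resource, ctx, policy=POLICY):
    """Explicit Deny wins over Allow; no matching statement is an implicit deny."""
    decision = "ImplicitDeny"
    for stmt in policy:
        if (any(fnmatchcase(action, a) for a in stmt["Action"])
                and any(fnmatchcase(resource, r) for r in stmt["Resource"])
                and condition_holds(stmt.get("Condition", {}), ctx)):
            if stmt["Effect"] == "Deny":
                return "ExplicitDeny"
            decision = "Allow"
    return decision

def list_bucket_results():
    return {name: evaluate("s3:ListBucket", "arn:aws:s3:::bucketname", ctx)
            for name, ctx in CONTEXTS.items()}

if __name__ == "__main__":
    for name, result in list_bucket_results().items():
        print(f"{name:32} {result}")
```

With plain `Bool` in place of `BoolIfExists`, the long-term key case is not caught by the deny statement, because the condition key is absent from that request.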
0

Hi, you should verify that your CLI profile is known:

aws configure list-profiles

then check the identity under which you will run your CLI command:

aws sts get-caller-identity

Finally, you may run

aws sts get-caller-identity --profile (name of the profile you want to view)
AWS
EXPERT
answered a year ago
  • Hi Didier, thanks for the quick response. The result from running the first command above is 'default'. And when I run the 3rd command 'aws sts get-caller-identity --profile default', I got the same result as the 2nd command.

  • Ok. Good. Is 'default' then the profile containing the access / secret key that you expect? If yes, check in the IAM console that this key pair is attached to the user that you use in the console. That will ensure that the console credentials that work also apply to the key pair in the default profile.

0

Hi,

Could you check if your IAM user has the required permission to access the bucket? You will need a policy similar to the following to access the bucket objects:

{
  "Version": "2012-10-17",
  "Statement": [
      {
          "Effect": "Allow",
          "Action": [
              "s3:ListBucket"
          ],
          "Resource": [
              "arn:aws:s3:::bucketname"
          ]
      },
      {
          "Effect": "Allow",
          "Action": [
              "s3:GetObject"
          ],
          "Resource": [
              "arn:aws:s3:::bucketname/*"
          ]
      }
  ]
}
Bisina
answered a year ago
