3 個答案
- 最新
- 最多得票
- 最多評論
0
Thanks all for your advice. Root cause was identified and issue was resolved now. The MFA was enforced in CLI and temporary token was not setup in the profile hence unable to access the AWS services from CLI. The MFA enforcement has been removed for the AWS service I need to access in CLI and it's working now.
已回答 1 年前
0
Hi, You should verify that your cli profile is known:
aws configure list-profiles
then check the identity under which you will run your cli command:
aws sts get-caller-identity
Finally, you may run
aws sts get-caller-identity --profile (name of the profile you want to view)
0
Hi,
Could you check if your IAM user has the required permission to access the bucket? You will need a policy similar to the following to access the bucket objects
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "s3:ListBucket" ], "Resource": [ "arn:aws:s3:::bucketname" ] }, { "Effect": "Allow", "Action": [ "s3:GetObject" ], "Resource": [ "arn:aws:s3:::bucketname/*" ] } ] }
已回答 1 年前
相關內容
- AWS 官方已更新 3 年前
- AWS 官方已更新 2 年前
- AWS 官方已更新 3 年前
Hi Didier, thanks for the quick response. The result from running the first command above is 'default'. And when I run the 3rd command 'aws sts get-caller-identity --profile default', I got the same result as the 2nd command.
Ok. Good. Is then 'default' the profile containing the access / secret key that you expect ? If yes, check in IAM console that this key pair is attached to the user that you use in the console. That will ensure that the console credentials that work apply also to key pair in default profile.