How to fix no region or no credentials found errors when using aws sdk apis

Did you face missing region or credentials error any time using aws client sdk apis ?

com.amazonaws.SdkClientException: Unable to load AWS credentials from any provider in the chain

or

com.amazonaws.SdkClientException: Unable to find a region via the region provider chain. Must provide an explicit region in the builder or setup environment to supply a region.

Client Creation

Assume you are creating a client as below without supplying any specific credentials to the client builder, the DefaultAWSCredentialsProviderChain class is used.

AmazonDynamoDB ddb = AmazonDynamoDBClientBuilder.defaultClient();

The DefaultAWSCredentialsProviderChain goes trying to find the credentials(access key, secret key and region) in the below order until it finds and returns early.If it does not find credentials in any of the below places, it throws an error.

AWS sdk client will search for the access credentials in the below order

  1. Environment variablesAWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY.
  2. Java system propertiesaws.accessKeyId and aws.secretKey
  3. Web Identity Token credentials from the environment or container.
  4. The default credential profiles file– typically located at ~/.aws/credentials
  5. Amazon ECS container credentials
  6. Instance profile credentials

You can check the docs here.

Environment or Property Variables

If you are passing credentials to your app as environment variables, try doing a dry run to see if those are accessible in code.For example in java, we can try below

System.getenv("AWS_ACCESS_KEY_ID")

If you are passing aws credentials as properties to your java app, try to test if your application is able to access the credentials as below

System.getProperty("aws.accessKeyId")

Note: The key names are different when you pass as properties compared to when you pass as env variables.

Also if you are using beanstalk, check this

Environment variables

In most cases, environment properties are passed to your application as environment variables, but the behavior is platform dependent. For example, the Java SE platform sets environment variables that you retrieve with System.getenv, while the Tomcat platform sets Java system properties that you retrieve with System.getProperty. In general, properties are not visible if you connect to an instance and run env.

Credentials File

If you using credentials from file check if you have properly configured aws credentials using cli.

# lists all the existing profiles.
aws configure list

If the output of the above command does not have region configured, use aws cli to set region.

Also ensure that if you are using a custom profile in your code, that profile is listed above.Generally when you configure cli without a profile name, default profile is assumed.So when you don’t mention profile api calls, the default profile is used.Check if your default profile has required access permissions to aws resources.

Check the user your application is running as and also that user has aws profile configured and not the logged in user.

ps -ef

If your application is run as user x, ensure /home/x/.aws is present and is having required permissions.

Below command will make user x the owner of the aws config directory.

chown x /home/x/.aws

Note: If you are using tomcat, ensure the credentials file is present in the directory of the tomcat user i.e the user tomcat is run as.You can check which user tomcat is running as by using ps -ef or the tomcat service file if you are running it as a system service.

--

--

--

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

PDF and XLSX reports with Ruby on Rails

Test post

How to solve the problem of multi thread Flume agent slow job?

Run an internal Q&A forum

How to Build and Deploy a Language Translation Web App using Azure Cognitive Service and Azure App…

How do I organize my RSpec files

Fun Hack: Copy commands to a local VM without clipboard

SAFE NETWORK DEVELOPMENT SUMMARY — AUGUST 2017

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
none

none

More from Medium

Understanding the database connection pool (DBCP) properties

Github Actions: The Basics

github actions logo

Multi-Thread Your Winform UI

Man on a riding mower appearing to be going so fast the wheels and road is on fire

Best Practices for Version Controlling and NoSQL