How to fix no region or no credentials found errors when using aws sdk apis

Did you face missing region or credentials error any time using aws client sdk apis ?

com.amazonaws.SdkClientException: Unable to load AWS credentials from any provider in the chain

or

com.amazonaws.SdkClientException: Unable to find a region via the region provider chain. Must provide an explicit region in the builder or setup environment to supply a region.

Client Creation

Assume you are creating a client as below without supplying any specific credentials to the client builder, the DefaultAWSCredentialsProviderChain class is used.

AmazonDynamoDB ddb = AmazonDynamoDBClientBuilder.defaultClient();

The DefaultAWSCredentialsProviderChain goes trying to find the credentials(access key, secret key and region) in the below order until it finds and returns early.If it does not find credentials in any of the below places, it throws an error.

AWS sdk client will search for the access credentials in the below order

  1. Environment variablesAWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY.
  2. Java system propertiesaws.accessKeyId and aws.secretKey
  3. Web Identity Token credentials from the environment or container.
  4. The default credential profiles file– typically located at ~/.aws/credentials
  5. Amazon ECS container credentials
  6. Instance profile credentials

You can check the docs here.

Environment or Property Variables

If you are passing credentials to your app as environment variables, try doing a dry run to see if those are accessible in code.For example in java, we can try below

System.getenv("AWS_ACCESS_KEY_ID")

If you are passing aws credentials as properties to your java app, try to test if your application is able to access the credentials as below

System.getProperty("aws.accessKeyId")

Note: The key names are different when you pass as properties compared to when you pass as env variables.

Also if you are using beanstalk, check this

Environment variables

In most cases, environment properties are passed to your application as environment variables, but the behavior is platform dependent. For example, the Java SE platform sets environment variables that you retrieve with System.getenv, while the Tomcat platform sets Java system properties that you retrieve with System.getProperty. In general, properties are not visible if you connect to an instance and run env.

Credentials File

If you using credentials from file check if you have properly configured aws credentials using cli.

# lists all the existing profiles.
aws configure list

If the output of the above command does not have region configured, use aws cli to set region.

Also ensure that if you are using a custom profile in your code, that profile is listed above.Generally when you configure cli without a profile name, default profile is assumed.So when you don’t mention profile api calls, the default profile is used.Check if your default profile has required access permissions to aws resources.

Check the user your application is running as and also that user has aws profile configured and not the logged in user.

ps -ef

If your application is run as user x, ensure /home/x/.aws is present and is having required permissions.

Below command will make user x the owner of the aws config directory.

chown x /home/x/.aws

Note: If you are using tomcat, ensure the credentials file is present in the directory of the tomcat user i.e the user tomcat is run as.You can check which user tomcat is running as by using ps -ef or the tomcat service file if you are running it as a system service.

--

--

--

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Using the Unity Animation System

We have read him books about being empathic, being kind, not bullying etc., blogger

GitHub: How to Convert a forked public repository to private?

I will fix HTML CSS bootstrap bugs in 6 hours

Where have I been ?— GPX track from images

Webinar Recap: How to Benefit from API specifications with Strapi and Postman

WHERE vs. HAVING in SQL

Differences between the WHERE and HAVING clauses written side by side

The Escape button is a feature

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
none

none

More from Medium

Methods to win an argument as a Software Engineer.

With big power comes big responsibility

Scroll to first error in Redux form

Idea: “Do not disturb” mode shared between devices, cross-platform.