• Skip to main content

Uly.me

cloud engineer

  • Home
  • About
  • Archives

awscli

AWS SDK Load Config

February 14, 2022

Occasionally I was getting this random error when running Terraform.

╷
│ Error: error configuring Terraform AWS Provider: no valid credential sources for Terraform AWS Provider found.
│ 
│ Please see https://registry.terraform.io/providers/hashicorp/aws
│ for more information about providing credentials.
│ 
│ Error: RequestError: send request failed
│ caused by: Post "https://sts.amazonaws.com/": read tcp xx.xx.xx.xx:59422->xx.xx.xx.xx:443: read: connection reset by peer
│ 
│ 
│   with provider["registry.terraform.io/hashicorp/aws"],
│   on main.tf line 10, in provider "aws":
│   10: provider "aws" {

╷ │ Error: error configuring Terraform AWS Provider: no valid credential sources for Terraform AWS Provider found. │ │ Please see https://registry.terraform.io/providers/hashicorp/aws │ for more information about providing credentials. │ │ Error: RequestError: send request failed │ caused by: Post "https://sts.amazonaws.com/": read tcp xx.xx.xx.xx:59422->xx.xx.xx.xx:443: read: connection reset by peer │ │ │ with provider["registry.terraform.io/hashicorp/aws"], │ on main.tf line 10, in provider "aws": │ 10: provider "aws" {

Here’s the fix. Place this in your ~/.bash_profile.

export AWS_SDK_LOAD_CONFIG=1

export AWS_SDK_LOAD_CONFIG=1

This forces Terraform to use both config and credentials file.

Filed Under: Linux Tagged With: aws, awscli, bash_profile, cli, config, credentials, sdk, terraform

AWS Request Domain Renewal

September 17, 2021

Occassionally, AWS requires validation of your domain via email message. Here’s the command to send a request.

aws acm resend-validation-email \
--certificate-arn arn:aws:acm:us-east-1:xxxxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx \
--domain yourdomain.com \
--validation-domain yourdomain.com
 
aws acm resend-validation-email \
--certificate-arn arn:aws:acm:us-east-1:xxxxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx \
--domain www.yourdomain.com \
--validation-domain yourdomain.com

aws acm resend-validation-email \ --certificate-arn arn:aws:acm:us-east-1:xxxxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx \ --domain yourdomain.com \ --validation-domain yourdomain.com aws acm resend-validation-email \ --certificate-arn arn:aws:acm:us-east-1:xxxxxxxxxxxx:certificate/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx \ --domain www.yourdomain.com \ --validation-domain yourdomain.com

You will need acm:ResendValidationEmail permission to run the command.

Filed Under: Cloud Tagged With: acm, awscli, certificate, renewal, validation

AWSCLI Permission Denied

September 15, 2021

When running awscli as a user, I’m getting a permissioned denied.

[user@servername ~]$ aws s3 ls
Traceback (most recent call last):
  File "/home/db2inst1/.local/bin/aws", line 19, in <module>
    import awscli.clidriver
  File "/home/db2inst1/.local/lib/python2.7/site-packages/awscli/clidriver.py", line 17, in <module>
    import botocore.session
  File "/home/db2inst1/.local/lib/python2.7/site-packages/botocore/session.py", line 26, in <module>
    import botocore.configloader
  File "/home/db2inst1/.local/lib/python2.7/site-packages/botocore/configloader.py", line 19, in <module>
    from botocore.compat import six
  File "/home/db2inst1/.local/lib/python2.7/site-packages/botocore/compat.py", line 172, in <module>
    import xml.etree.cElementTree
  File "/usr/lib64/python2.7/xml/etree/cElementTree.py", line 3, in <module>
    from _elementtree import *
ImportError: PyCapsule_Import could not import module "pyexpat"

[user@servername ~]$ aws s3 ls Traceback (most recent call last): File "/home/db2inst1/.local/bin/aws", line 19, in <module> import awscli.clidriver File "/home/db2inst1/.local/lib/python2.7/site-packages/awscli/clidriver.py", line 17, in <module> import botocore.session File "/home/db2inst1/.local/lib/python2.7/site-packages/botocore/session.py", line 26, in <module> import botocore.configloader File "/home/db2inst1/.local/lib/python2.7/site-packages/botocore/configloader.py", line 19, in <module> from botocore.compat import six File "/home/db2inst1/.local/lib/python2.7/site-packages/botocore/compat.py", line 172, in <module> import xml.etree.cElementTree File "/usr/lib64/python2.7/xml/etree/cElementTree.py", line 3, in <module> from _elementtree import * ImportError: PyCapsule_Import could not import module "pyexpat"

This is a permission error with the directory where the awscli is installed.

$ which aws 
/usr/local/bin/aws

$ which aws /usr/local/bin/aws

I ran chmod to fix the directory permission.

chmod -R 755 /usr/local/aws-cli/

chmod -R 755 /usr/local/aws-cli/

The error is now gone.

$ aws s3 ls
bucket-1
bucket-2
bucket-3

$ aws s3 ls bucket-1 bucket-2 bucket-3

Filed Under: Cloud, Linux Tagged With: awscli, chmod, issue, permission

AWSCLI cli_pager

September 5, 2021

In AWSCLI Version 2, it’s using “less” by default to send output to the screen. Less displays output one page at a time.

If less interferes with your script, then you can set “cli_pager” in ~/.aws/config to use nothing.

[default]
region = us-east-2
output = json
cli_pager =

[default] region = us-east-2 output = json cli_pager =

If you have other profiles, add them as well.

[lightsail]
region = us-east-2
output = json
cli_pager =

[lightsail] region = us-east-2 output = json cli_pager =

Filed Under: Cloud, Linux Tagged With: awscli, cli_pager, less, v2

Uninstall AWSCLI v2 on Linux

September 1, 2021

How to uninstall AWSCLI version 2 on Linux

Locate aws.

$ which aws
/usr/local/bin/aws

$ which aws /usr/local/bin/aws

Delete the symlinks.

$ ls -l /usr/local/bin/aws
$ sudo rm /usr/local/bin/aws
$ sudo rm /usr/local/bin/aws_completer

$ ls -l /usr/local/bin/aws $ sudo rm /usr/local/bin/aws $ sudo rm /usr/local/bin/aws_completer

Delete the install directory.

$ sudo rm -rf /usr/local/aws-cli

$ sudo rm -rf /usr/local/aws-cli

Once deleted, you can reinstall awscli.

Filed Under: Cloud Tagged With: awscli, uninstall, v2

  • Home
  • About
  • Archives

Copyright © 2023