Styjun

What was the first third-party commercial application for MS-DOS?

How do I remove this inheritance-related code smell?

Warnings using NDSolve on wave PDE. "Using maximum number of grid points" , "Warning: scaled local spatial error estimate"

Why don't we have a weaning party like Avraham did?

How can a warlock learn from a spellbook?

How did the Vostok ejection seat safely eject an astronaut from a sealed space capsule?

Why does independence imply zero correlation?

I just entered the USA without passport control at Atlanta airport

Should the party get XP for a monster they never attacked?

Is there a term for the belief that "if it's legal, it's moral"?

Is the continuity test limit resistance of a multimeter standard?

Explain why a line can never intersect a plane in exactly two points.

Find All Possible Unique Combinations of Letters in a Word

Why does Linux list NVMe drives as /dev/nvme0 instead of /dev/sda?

Find the common ancestor between two nodes of a tree

Why is oilcloth made with linseed oil?

What does this Swiss black on yellow rectangular traffic sign with a symbol looking like a dart mean?

Subtract the Folded Matrix

Umlaut character order when sorting

Why isn't my calculation that we should be able to see the sun well beyond the observable universe valid?

Why isn't it a compile-time error to return a nullptr as a std::string?

What is "industrial ethernet"?

What mathematical theory is required for high frequency trading?

What happened to Hopper's girlfriend in season one?

aws ec2 instance - permission denied to write to ~/.aws/credentials

How to get the instance id from within an ec2 instance?How can I exclude all “permission denied” messages from “find”?Trying to SSH into an Amazon Ec2 instance - permission errorUsing scp to copy a file to Amazon EC2 instance?Amazon EC2 Server - Log-in server with root permissionPermission denied (publickey) when SSH Access to Amazon EC2 instanceAmazon AWS Filezilla transfer permission deniedPermission denied (public key) for ubuntu user but not for root on AWS EC2 instanceAWS EC2 Permission deniedLocked out of AWS EC2 Instance - forgot ssh root password?

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;

0

When ssh into a aws ec2 linux instance, the user is ec2-user by default. Then I need to set aws credentials by writing to ~/.aws/credentials, but got permission denied. I feel that if I use sudo then the credentials file would be owned by root user, as a result my api server can't read from it.

What's the correct approach to set up aws credentials there?

bash amazon-web-services amazon-ec2

share|improve this question

asked Mar 25 at 6:57

Stanley LuoStanley Luo

90811327

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  The correct way is to use an IAM Role (see below). However, if you do wish to create the credentials file, the easiest way is to run aws configure, which will create it for you. It is very strange that you got a permission denied error. I wonder if it was because the ~/.aws directory did not exist, so it could not create a file within it.
  
  – John Rotenstein
  Mar 25 at 8:52
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  @JohnRotenstein Thank you! In my case the ~/.aws directory was owned by root somehow. Deleting and recreating solved the issue.
  
  – Stanley Luo
  Mar 25 at 22:56
  

  
  
  
  

add a comment | 

0

When ssh into a aws ec2 linux instance, the user is ec2-user by default. Then I need to set aws credentials by writing to ~/.aws/credentials, but got permission denied. I feel that if I use sudo then the credentials file would be owned by root user, as a result my api server can't read from it.

What's the correct approach to set up aws credentials there?

bash amazon-web-services amazon-ec2

share|improve this question

asked Mar 25 at 6:57

Stanley LuoStanley Luo

90811327

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  The correct way is to use an IAM Role (see below). However, if you do wish to create the credentials file, the easiest way is to run aws configure, which will create it for you. It is very strange that you got a permission denied error. I wonder if it was because the ~/.aws directory did not exist, so it could not create a file within it.
  
  – John Rotenstein
  Mar 25 at 8:52
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  @JohnRotenstein Thank you! In my case the ~/.aws directory was owned by root somehow. Deleting and recreating solved the issue.
  
  – Stanley Luo
  Mar 25 at 22:56
  

  
  
  
  

add a comment | 

When ssh into a aws ec2 linux instance, the user is ec2-user by default. Then I need to set aws credentials by writing to ~/.aws/credentials, but got permission denied. I feel that if I use sudo then the credentials file would be owned by root user, as a result my api server can't read from it.

What's the correct approach to set up aws credentials there?

bash amazon-web-services amazon-ec2

share|improve this question

asked Mar 25 at 6:57

Stanley LuoStanley Luo

90811327

share|improve this question

asked Mar 25 at 6:57

Stanley LuoStanley Luo

90811327

share|improve this question

asked Mar 25 at 6:57

Stanley LuoStanley Luo

90811327

asked Mar 25 at 6:57

Stanley LuoStanley Luo

90811327

asked Mar 25 at 6:57

Stanley LuoStanley Luo

90811327

2 Answers
2

active

oldest

votes

2

The 'correct' way to setup the credentials, is to assign a role to the ec2 instance when you create it (or assign them after you create it). That role can be created and assigned to the EC2 instance via the AWS console - there is no need to ssh in and create the credentials there.

See: Easily Replace or Attach an IAM Role to an Existing EC2 Instance by Using the EC2 Console | AWS Security Blog

share|improve this answer

edited Mar 25 at 8:51

John Rotenstein

85.8k896149

answered Mar 25 at 8:39

E.J. BrennanE.J. Brennan

34.7k46199

add a comment | 

0

You can create the credentials file locally, then upload to your ec2 instance.

1. create the credentials file locally

$ vim credentials

2. upload to your ec2 instance

$ scp /path/credentials username@servername:/path

share|improve this answer

answered Mar 25 at 7:36

张利龙张利龙

11

add a comment | 

Your Answer

StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55332610%2faws-ec2-instance-permission-denied-to-write-to-aws-credentials%23new-answer', 'question_page');

);

Post as a guest

Name

Email

Required, but never shown

2

The 'correct' way to setup the credentials, is to assign a role to the ec2 instance when you create it (or assign them after you create it). That role can be created and assigned to the EC2 instance via the AWS console - there is no need to ssh in and create the credentials there.

See: Easily Replace or Attach an IAM Role to an Existing EC2 Instance by Using the EC2 Console | AWS Security Blog

share|improve this answer

edited Mar 25 at 8:51

John Rotenstein

85.8k896149

answered Mar 25 at 8:39

E.J. BrennanE.J. Brennan

34.7k46199

add a comment | 

2

The 'correct' way to setup the credentials, is to assign a role to the ec2 instance when you create it (or assign them after you create it). That role can be created and assigned to the EC2 instance via the AWS console - there is no need to ssh in and create the credentials there.

See: Easily Replace or Attach an IAM Role to an Existing EC2 Instance by Using the EC2 Console | AWS Security Blog

share|improve this answer

edited Mar 25 at 8:51

John Rotenstein

85.8k896149

answered Mar 25 at 8:39

E.J. BrennanE.J. Brennan

34.7k46199

add a comment | 

The 'correct' way to setup the credentials, is to assign a role to the ec2 instance when you create it (or assign them after you create it). That role can be created and assigned to the EC2 instance via the AWS console - there is no need to ssh in and create the credentials there.

See: Easily Replace or Attach an IAM Role to an Existing EC2 Instance by Using the EC2 Console | AWS Security Blog

share|improve this answer

edited Mar 25 at 8:51

John Rotenstein

85.8k896149

answered Mar 25 at 8:39

E.J. BrennanE.J. Brennan

34.7k46199

share|improve this answer

edited Mar 25 at 8:51

John Rotenstein

85.8k896149

answered Mar 25 at 8:39

E.J. BrennanE.J. Brennan

34.7k46199

edited Mar 25 at 8:51

John Rotenstein

85.8k896149

edited Mar 25 at 8:51

John Rotenstein

85.8k896149

answered Mar 25 at 8:39

E.J. BrennanE.J. Brennan

34.7k46199

answered Mar 25 at 8:39

E.J. BrennanE.J. Brennan

34.7k46199

0

You can create the credentials file locally, then upload to your ec2 instance.

1. create the credentials file locally

$ vim credentials

2. upload to your ec2 instance

$ scp /path/credentials username@servername:/path

share|improve this answer

answered Mar 25 at 7:36

张利龙张利龙

11

add a comment | 

0

You can create the credentials file locally, then upload to your ec2 instance.

1. create the credentials file locally

$ vim credentials

2. upload to your ec2 instance

$ scp /path/credentials username@servername:/path

share|improve this answer

answered Mar 25 at 7:36

张利龙张利龙

11

add a comment | 

You can create the credentials file locally, then upload to your ec2 instance.

1. create the credentials file locally

$ vim credentials

2. upload to your ec2 instance

$ scp /path/credentials username@servername:/path

share|improve this answer

answered Mar 25 at 7:36

张利龙张利龙

11

$ vim credentials

$ scp /path/credentials username@servername:/path

share|improve this answer

answered Mar 25 at 7:36

张利龙张利龙

11

answered Mar 25 at 7:36

张利龙张利龙

11

answered Mar 25 at 7:36

张利龙张利龙

11