By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

InvalidAccessKeyId: The AWS Access Key Id you provided does not exist in our records. using serverless

0

I am having this issue when I set up serverless with s3, I do not know what is the problem, If I set up credetials generated for my self I do not have those issues.

This is my s3 config file:

const s3Config = {
  bucketName: process.env.AWS_S3_BUCKET_NAME || 'bloodknot-storage-dev',
  region: (process.env.AWS_REGION || 'us-east-2') as BucketLocationConstraint,
  credentials: {
    accessKeyId: process.env.AWS_ACCESS_KEY_ID || '',
    secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY || '',
  },
}

const s3Client = new S3Client(s3Config)


export {
  s3Config,
  GetObjectCommand,
  PutObjectCommand,
  DeleteObjectCommand,
  ListObjectsV2Command,
  S3Client,
  getSignedUrl,
  HeadObjectCommand,
}

export default s3Client

this is the error I get using serverless credentials:

[Nest] 95557  - 05/06/2024, 10:06:32 PM   ERROR [Aws-config] Failed to create bucket:
[Nest] 95557  - 05/06/2024, 10:06:32 PM   ERROR [Aws-config] InvalidAccessKeyId: The AWS Access Key Id you provided does not exist in our records.
InvalidAccessKeyId: The AWS Access Key Id you provided does not exist in our records.
    at throwDefaultError (/home/seb/Desktop/knotblood/bloodknot-backend/node_modules/@smithy/smithy-client/dist-cjs/index.js:838:20)
    at /home/seb/Desktop/knotblood/bloodknot-backend/node_modules/@smithy/smithy-client/dist-cjs/index.js:847:5
    at de_CommandError (/home/seb/Desktop/knotblood/bloodknot-backend/node_modules/@aws-sdk/client-s3/dist-cjs/index.js:4756:14)
    at processTicksAndRejections (node:internal/process/task_queues:95:5)
Topics
ServerlessStorage
Tags
ServerlessAmazon S3 Glacier
Language
English
sebastian
asked 13 days ago69 views
2 Answers
2

Hlo,

The error message you're encountering, "InvalidAccessKeyId: The AWS Access Key Id you provided does not exist in our records," indicates that the AWS SDK is unable to authenticate with AWS using the provided access key ID. This typically happens when the access key ID you've configured does not match any valid IAM user or role in your AWS account.

Here are a few steps you can take to troubleshoot and resolve this issue:

Double-Check Access Key ID and Secret Access Key: Ensure that the access key ID and secret access key you're using are correct. Even a small typo can cause authentication failures.

Verify IAM Permissions: Ensure that the IAM user or role associated with the access key ID has the necessary permissions to interact with the S3 bucket. Make sure the IAM policies attached to the user or role include permissions for the required S3 operations (e.g., s3:GetObject, s3:PutObject, etc.).

**Check Environment Variables: **Confirm that the environment variables (AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY) are set correctly. If you're using environment variables to provide credentials, double-check that they are being correctly read by your application.

**Test with AWS CLI: **Use the AWS CLI to verify that the access key ID and secret access key work as expected. You can run aws s3 ls or any other S3 command to test the credentials.

Review AWS IAM User/Role: If you're still encountering issues, review the IAM user or role configuration in the AWS Management Console. Ensure that the user or role is active and that the correct access key ID is associated with it.

**Rotate Access Keys: **If you suspect that the access key ID might be compromised or incorrectly configured, consider rotating the access keys for the IAM user or role.

Check AWS SDK Version Compatibility: Ensure that the version of the AWS SDK you're using is compatible with the Node.js runtime and environment you're working in.

Thanniru Anil Kumar
answered 13 days ago
0

Hi,

The best practice for serverless application is to NOT use IAM credentials with AWS_ACCESS_KEY_ID |and AWS_SECRET_ACCESS_KEY. The right way to go is to associate an execution role to your Lambda and the add IAM Statements granting proper access to the resources that you need to access.

See https://docs.aws.amazon.com/lambda/latest/dg/lambda-intro-execution-role.html

This article also details how to use execution roles properly: https://medium.com/aws-lambda-serverless-developer-guide-with-hands/aws-lambda-permissions-execution-role-and-resource-based-policies-be2e325998fc

Best,

Didier

profile pictureAWS
EXPERT
Didier_Durand
answered 13 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content