1 Answer
- Newest
- Most votes
- Most comments
0
Hi, can you check to which home directory you have configured?
sudo echo $HOME
You'll likely have /home/ec2-user /home/ssm-user and /home/root home directories. Also, have you considered using an IAM role attached to the instance for managing access to AWS resources?
Relevant content
- asked 2 years ago
- asked 3 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 4 days ago
- AWS OFFICIALUpdated 9 months ago
- AWS OFFICIALUpdated a year ago
Thank you. Before posting I already compared the contents and path of ~/.aws/credentials with and without sudo. In both cases they are the same, pointing to the same directory. And in fact I can read the credentials manually from there and use them for authentication using environment variables. In addition I now have compared output of "echo $HOME" with "sudo echo $HOME", all pointing to the same path, one of yours listed above. aws CLI refuses to use the file. The instance is running on another AWS account but for us. Therefore we do not intend to attach the role to the instance.
A security best practice is to rotate your credentials. Using an Instance Profile and Role will enable that automatically. You should use the instance metadata version 2: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html