I am seeing the error Aws::S3::Errors::InvalidAccessKeyId: The AWS Access Key Id you provided does not exist in our records. when I try to send to view buckets in docker container.

#<Aws::S3::Client>
rake aborted!
Aws::S3::Errors::InvalidAccessKeyId: The AWS Access Key Id you provided does not exist in our records.

Test code in rake task:

require 'aws-sdk-s3'
region = 'us-east-1'
client = Aws::S3::Client.new(region: region)
client.list_buckets.buckets

I dont get error when I run it outside docker.

#<Aws::S3::Client>
[#<struct Aws::S3::Types::Bucket name="xyz", creation_date=2021-05-20 15:33:07 UTC> ....more data here....]

I generated new key and secret and verified it is there in ~/.aws/credentials. Also verified same credentials are there in ENV when I run code outside container.

I added credentials in docker containers .env file as well.

AWS_ACCESS_KEY_ID=ASIA************ZQ6
AWS_SECRET_ACCESS_KEY=Hffu**********************iDgW4

storage.yml

amazon:
  service: S3
  access_key_id: <%= ENV['AWS_ACCESS_KEY_ID'] %>
  secret_access_key: <%= ENV['AWS_SECRET_ACCESS_KEY'] %>
  region: <%= ENV['AWS_REGION'] %>
  bucket: <%= ENV['AWS_S3_BUCKET'] %>

Why running that code in docker giving me the error?

CodePudding user response：

Any chance your access key starts with a 0? I had this problem before and docker removed the left zero. Had to wrap the setting in ''.

CodePudding user response：

That seems odd.

Firstly, can you try installing aws cli inside your docker?

You can then try running aws cli command:

$ aws sts get-caller-identity --debug

You will be able to view what access keys your docker is actually using.

Also, can you confirm if your Docker's time is in sync with the time in the respective timezone?

IAM is configured in such a way that it will reject any requests that have more than 5 minutes of deviation from actual time within a given timezone.

Regards,
Harshavardhan