s5cmd
s5cmd copied to clipboard
peak
Assume role profile doesn't work
I'm using assume role functionality by means of source_profile (https://docs.aws.amazon.com/cli/latest/topic/config-vars.html#using-aws-iam-roles) and it looks like s5cmd doesn't support this despite declaring it relies upon AWS SDK (https://github.com/peak/s5cmd#specifying-credentials):
> sed -n '/^\[ops-admin]/,/^$/p' ~/.aws/credentials.mycompany
[ops-admin]
role_arn = arn:aws:iam::XXXXXXXXXXXX:role/ops-admin
source_profile = default
> aws --profile ops-admin sts get-caller-identity
{
"UserId": "AROA[…]:botocore-session-1686921474",
"Account": "XXXXXXXXXXXX",
"Arn": "arn:aws:sts::XXXXXXXXXXXX:assumed-role/ops-admin/botocore-session-1686921474"
}
> s5cmd --profile ops-admin ls s3://my-bucket-XXXXXXXXXXXX/
ERROR "ls s3://my-bucket-XXXXXXXXXXXX/": SharedCredsAccessKey: shared credentials ops-admin in /home/giermulnik/.aws/credentials.mycompany did not contain aws_access_key_id
Is there anything I can do to overcome this natively (apart from creating dedicated AWS CLI profile with AWS access creds in right it)? Thanks.
Hello,
I tried to access an account using --profile to do a switch role but is its failing with ERROR "ls s3://my-bucket/": SharedCredsLoad: failed to get profile
I'm using versión 2.1.0 with the following command:
s5cmd --credentials-file ~/.aws/credentials --profile my-profile ls s3://my-bucket/
> s5cmd version v2.1.0-beta.1-3e08061
Same did not contain aws_access_key_id error with v2.1.0-3efbbe8
Hi all! I had exactly the same problem as you:
s5cmd --profile="prod" ls
ERROR "ls": SharedCredsAccessKey: shared credentials prod in /Users/jcolfej/.aws/credentials did not contain aws_access_key_id
The problem is a bad implementation of the AWS SDK authentication (I see these problems very often on AWS-related projects...).
But, good news, there's a way to "fix" the problem for now.
Instead of using the --profile argument, use the AWS_PROFILE environment variable:
AWS_PROFILE="prod" s5cmd ls
And it works ;)
