Can I use .aws/config file to provide AWS S3 credentials?

12 visualizaciones (últimos 30 días)
I have been able to successfully access files on an AWS bucket via the syntax
readtable('s3://bucketname/filename.csv')
when I store my AWS credentials in the file .aws/credentials.
However, when I try to use .aws/config instead, I get the error message
===========================================================================================
Location 's3://bucketname/filename.csv' requires credentials. You must setup
an AWS credentials file, or set the environment variables AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY.
===========================================================================================
The .aws/config file method works for both command line and Python access, so I am confident I have the file itself correct.

Respuesta aceptada

Kojiro Saito
Kojiro Saito el 13 de En. de 2022
readtable checks AWS Credentials either
  • environment variable "AWS_SHARED_CREDENTIALS_FILE"
  • ".aws/credentials" file
  • environment variable AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
in matlab.io.internal.vfs.validators.validateCloudEnvVariables function.
.aws/credentials is hard coded in \toolbox\shared\virtualfileio\+matlab\+io\+internal\+vfs\+validators\hasS3CredentialsFile.m, so if you want to change the path, currently you need to edit the code
from
credentialsFilePath = fullfile(basePath, '.aws', 'credentials');
to
credentialsFilePath = fullfile(basePath, '.aws', 'config');
But, as AWS document says, "The AWS CLI stores sensitive credential information that you specify with aws configure in a local file named credentials, in a folder named .aws in your home directory. The less sensitive configuration options that you specify with aws configure are stored in a local file named config".
The credentials are sensitive and I would store them in credentials file as by default.
  4 comentarios
the cyclist
the cyclist el 14 de En. de 2022
I can't see the policy list. (I don't sufficient privileges in my org.)
However, the fact that I can use Python or the command line (via config file) suggests to me that this is not the issue. Right?
This is not particularly high-priority to me at this point, as I can in fact just use a credentials file. (It just means an additional manual step that I was hoping to avoid.) But, if you have other ideas I may try them later, for the sake of someone finding this solution.
Kojiro Saito
Kojiro Saito el 14 de En. de 2022
The necessary policy for reading from and writing to S3 depends on softwares. Some policies might not needed in other tools but as my investigation, MATLAB needs GetObject, ListBucket and GetBucketLocation policies.
How about putting AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY written in .aws\config to MATLAB with setenv then, doing readtable?
setenv('AWS_ACCESS_KEY_ID', 'xxx')
setenv('AWS_SECRET_ACCESS_KEY', 'xxx')
%setenv('AWS_REGION', 'xxx') % Optional Ex) us-east-1
readtable('s3://bucketname/filename.csv')
If this does not work, there are some more policy needed in IAM policy for MATLAB to read from S3.

Iniciar sesión para comentar.

Más respuestas (0)

Categorías

Más información sobre Install Products en Help Center y File Exchange.

Etiquetas

Productos


Versión

R2021b

Community Treasure Hunt

Find the treasures in MATLAB Central and discover how the community can help you!

Start Hunting!

Translated by