I have ECS
which runs on EC2
Normally, I put some containers on EC2 node and run the services (That’s the basic practice of ECS
….)
However,now I need to run the code on EC2 directry, So I put the code in userdata and which uses boto3
(for monitoring GPU)
However this error happens.
botocore.exceptions.NoCredentialsError: Unable to locate credentials
In container, I run the script including boto3
, this error doesn’t occur.
So I guess aws credential
is automatically set in container
but not in EC2
node on ECS
. Am I correct?
However can I do the equivalent setting in EC2 node?
2
Answers
I login EC2 and use root account, then boto3 works.
ec2-user
account doesn't have credentials though,root
account has that.The containers you’re running on your EC2 instances via ECS do not have access to credentials you may have stored on ephemeral storage on the instance(s). It would be better to assign your desired AWS credentials to an IAM Instance Profile and inherit those permissions natively through the EC2 metadata service. Setting up your hosts this way means you don’t need to store any keys, or credentials on the host. Boto3 will automatically find the credentials from the metadata service without you needing to configure anything, giving you a more secure way to provide AWS permissions for your resources.