skip to Main Content

Running this code in console application is working but not in webAPI project .netCore6 with docker container.
I’m getting
"Unable to get IAM security credentials from EC2 Instance Metadata Service." Error.

var region = RegionEndpoint.EUWest1;
var client = new AmazonCognitoIdentityProviderClient(region);
var request = new ListGroupsRequest
{
    UserPoolId = "MyUserPoolID" 
};
var response = await client.ListGroupsAsync(request);

Any help?
Thanks

2

Answers


  1. The issue is your credentials are not being located within the container. You need to make sure that your credentials are available. One way is you can use an environment variable crendential provider and set both the key and secret key when you start your docker container.

    To start docker container and specify keys:

    docker run -e AWS_ACCESS_KEY_ID=AKIxxxxxxxxxxxxxx -e AWS_SECRET_ACCESS_KEY=K3Oxxxxxxxxxxxxxxxxxxxx -it getting-started /bin/bash

    Then use the .NET environment variable cred provider.

    Login or Signup to reply.
  2. Issue

    When you run your application without docker, .NET SDK for AWS loads the credentials from the credential file located at C:Users.awscredentials location.

    When running the application in docker, credential file is not found in the container. Hence, SDK fallbacks to other ways to locate the AWS credentials.

    Here, I have explained how does AWS SDK for .NET loads credentials.

    Solution

    Now, answering you question:

    1. If you are running the docker containers inside ECS, then you can use ECS Task Role, this way you don’t need to maintain environment variables.
    2. If you are not running the docker containers inside ECS, then maintain the following environment variables in your container.
      AWS_ACCESS_KEY_ID
      AWS_SECRET_ACCESS_KEY
      

    This should fix your issue.

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search