Access AWS resources from awscli with new IAM admin user

0
votes

I'm trying to access AWS resources from the aws cli after configuring a new IAM user with admin rights and it acts as if no resource is available.

What I did:

  • Created an RDS instance (while being logged in with the root user);
  • Created a new IAM user to a group that has the AdministratorAccess[*] policy added;
  • Configured the aws cli to use the named user's access keys and the same region as the RDS instance;

  • Ran the command aws rds describe-db-instances. The result is: 

    $ aws rds describe-db-instances
{
   "DBInstances": []
}

I would have expected to see my RDS instance listed. Am I missing something?

[*] The policy json contains this:

"Effect": "Allow",
"Action": "*",
"Resource": "*"
1
amazon-web-servicesamazon-rdsamazon-iamaws-cli
I do not think IAM privileges is an issue here since there is no error. Is the region in the default profile for AWS credentials configured correctly? - helloV
I think it is... I configured awscli with eu-west-2 and the RDS instance is in EU (London). Is that what you mean, @helloV? - Ioanna
Can you try specifying the region explicitly? aws rds describe-db-instances --region eu-west-2 If it doesn't work, then the CLI is getting the credentials from somewhere else. - helloV
It worked :). Looked again on the configuration paying more attention and I had set the region to "us"-west-2 instead of "eu", you were right from the first comment. Thank you! - Ioanna

1 Answers

2
votes

I do not think IAM privileges is an issue here since there is no error. Is the region in the default profile for AWS credentials configured correctly?

Or try specifying the region explicitly?

aws rds describe-db-instances --region eu-west-2

If it doesn't work, then the CLI is getting the credentials from somewhere else.