I'm using saml2aws
to generate temporary AWS keys for my clients. Previously I was using environmental variables:
aws_access_key_id=MY KEY
aws_secret_access_key=MY SECRET
After authenticating with saml2aws
my ~/.aws/config
file looks like this (unchanged):
[default]
output=json
And my ~/.aws/credentials
looks like this:
[default]
aws_access_key_id = MY KEY ID
aws_secret_access_key = MY KEY
aws_session_token = MY SESSION TOKEN
aws_security_token = MY TOKEN
x_principal_arn = MY ARN
x_security_token_expires = TIME
When I try this from the cli with aws s3 ls
it works but when I try to access S3 from the Java SDK:
AmazonS3Client(ProfileCredentialsProvider())
.listObjects(ListObjectsRequest()
.withBucketName("some-bucket")
.withPrefix("some-prefix")
.withDelimiter("/")
.withMaxKeys(10000))
I get:
com.amazonaws.AmazonClientException: Unable to load credentials into profile. Profile Name or AWS Access Key ID or AWS Secret Access Key missing for a profile.
And it doesn't work even if I explicitly try to use the default
profile: ProfileCredentialsProvider("default")
or even if I don't set a provider at all!
What am I doing wrong?