[amazon-web-services] AWS S3 CLI - Could not connect to the endpoint URL

$ aws s3 ls

Could not connect to the endpoint URL: "https://s3.us-east-1a.amazonaws.com/"

What could be the problem?

first you use 'aws configure' then input the access key, and secret key, and the region. the region you input would be important for this problem. try to input something like 's3.us-east-1', not 's3.us-east-1a'. it will solve the issue.

1. Check the .aws directory under home directory. Windows: C:\Users<home-name>.aws Linux: ~/.aws

2. Under this directory, you will find the config as well as credentials file. It will have the information from the aws configure that you may have run before. IF not, then

3. Run aws configure Enter the access key - secret key - enter secret key region - (ap-southeast-1 or us-east-1 or any other regions) format - (json or leave it blank, it will pick up default values you may simply hit enter)

4. From the Step 2, you should see the config file, open it, it should have the region. Please ensure there is region specified.

5. You may now run the following command to list the buckets aws s3 ls It should work fine.

In case it is not working in your default region, try providing a region close to you. This worked for me:

   PS C:\Users\shrig> aws  configure
   AWS Access Key ID [****************C]:**strong text**
   AWS Secret Access Key [****************WD]:
   Default region name [us-east1]: ap-south-1
   Default output format [text]:

You should do the following on the CLI : 1. aws configure'
2. input the access key 3. input secret key 4. and then the region i.e : eu-west-1 (leave the a or b after the 1)

Everyone has different defaults, and interestingly it will change after time. As an example, first I was on global, and then after 15 minutes it shows Ohio (which is us-east-2).

The best approach is to check it during your work -- in console of your AWS working area, just set it on the right above side near your name on top bar check your region name and click on the down arrow to see your region.

In AWS CLI type aws configure or aws2 configure, give your access and secret id, then during default region, write your region and press Enter.

You will definitely get access to specific region set and it will work.

Assuming that your profile in ~/aws/config is using the region (instead of AZ as per your original question); the other cause is your client's inability to connect to s3.us-east-1.amazonaws.com. In my case, I was unable to resolve that DNS name due to an error in my network configuration. Fixing the DNS issue solved my problem.

Couple things I've done to fix this :

1. Updated my CLI and it given this error (previous error was "aws connection aborted error 10013")

2. Tried to nslookup aws s3 endpoing : nslookup s3.us-east-2.amazonaws.com

   DNS request timed out. timeout was 2 seconds. Server: UnKnown Address: 192.168.10.1

-> hmmm very weird

3. Went to windows network troubleshooting and selected to test access to specific page. It informed that Windows firewall blocked the connection. Fixed this

4. Received a new error , after fixing the request through firewal :

   An error occurred (RequestTimeTooSkewed) when calling the ListBuckets operation: The difference between the request time and the current time is too large.

5. Updated my date & time to automatic -> Fixed

Probably, there is something wrong with the default region while configuring aws. In your case, the URL says "https://s3.us-east-1a.amazonaws.com/"

In your command prompt,

aws configure, enter your keys, Now fix your region from us-east-1a to us-east-1.

Kindly check the syntax according to the CLI you are using. This will be helpful.

On Windows run the aws configure command again and reset region without the letter for example if your region is us-east-1a you need to change it to us-east-1 in order for it to work.

If none of solutions given above works,also check your permissions and firewall settings. In my case adding proxy environment variables did the job.

For Linux or mac

$ export HTTP_PROXY=http://<YOUR PROXY IP>:<PORT>

$ export HTTPS_PROXY=http://<YOUR PROXY IP>:<PORT>

For Windows

set HTTP_PROXY=http://<YOUR PROXY IP>:<PORT>

set HTTPS_PROXY=http://<YOUR PROXY IP>:<PORT>

Some AWS services are just available in specific regions that do not match your actual region. If this is the case you can override the standard setting by adding the region to your actual cli command.

This might be a handy solution for people that do not want to change their default region in the config file. IF your general config file is not set: Please check the suggestions above.

In this example the region is forced to eu-west-1 (e.g. Ireland):

aws s3 ls --region=eu-west-1

Tested and used with aws workmail to delete users:

aws workmail delete-user --region=eu-west-1 --organization-id [org-id] --user-id [user-id]

I derived the idea from this thread and it works perfect for me - so I wanted to share it. Hope it helps!

You should specify the region in your CLI script, rather than rely on default region specified using aws configure (as the current most popular answer asserts). Another answer alluded to that, but the syntax is wrong if you're using CLI via AWS Tools for Powershell.

This example forces region to us-west-2 (Northern California), PowerShell syntax:

aws s3 ls --region us-west-2

The solution to my problem was to run:

    sudo aws configure

Enter your credentials and then run:

    sudo aws s3 ls

A different solution was to make sure that the region in the .aws/config file is the same as the endpoints