Using this code for setting the class path
AWSCredentialsProvider credentialsProvider = new ClasspathPropertiesFileCredentialsProvider();
ec2 = new AmazonEC2Client(credentialsProvider);
Below is the format for AwsCredentials.properties file
# Fill in your AWS Access Key ID and Secret Access Key
# http://aws.amazon.com/security-credentials
accessKey = keyHere
secretKey = secretKeyHere
Below is the exception I am getting
Exception in thread "main" com.amazonaws.AmazonClientException: Unable to load AWS credentials from the /AwsCredentials.properties file on the classpath
at com.amazonaws.auth.ClasspathPropertiesFileCredentialsProvider.getCredentials(ClasspathPropertiesFileCredentialsProvider.java:81)
at com.amazonaws.services.ec2.AmazonEC2Client.invoke(AmazonEC2Client.java:8359)
This question is related to
java
amazon-web-services
amazon-ec2
In my case I was deploying my webapp inside a docker: I was setting
ENV AWS_ACCESS_KEY_ID=blahblah%&/(
ENV AWS_SECRET_ACCESS_KEY=supersecret%&/(
but I still got errors, I got fixed this by adding
cloud.aws.credentials.useDefaultAwsCredentialsChain=true
inside application.properties
AWSCredentialsProvider credentialsProvider = new ProfileCredentialsProvider();
new AmazonEC2Client(credentialsProvider)
.aws/credentials
[default]
aws_access_key_id =
aws_secret_access_key =
If you use the credential file at ~/.aws/credentials and use the default profile as below:
[default]
aws_access_key_id=<your access key>
aws_secret_access_key=<your secret access key>
You do not need to use BasicAWSCredential or AWSCredentialsProvider. The SDK can pick up the credentials from the default profile, just by initializing the client object with the default constructor. Example below:
AmazonEC2Client ec2Client = new AmazonEC2Client();
In addition sometime you would need to initialize the client with the ClientConfiguration to provide proxy settings etc. Example below.
ClientConfiguration clientConfiguration = new ClientConfiguration();
clientConfiguration.setProxyHost("proxyhost");
clientConfiguration.setProxyPort(proxyport);
AmazonEC2Client ec2Client = new AmazonEC2Client(clientConfiguration);
Try this for the file format:
[default]
aws_access_key_id=<your access key>
aws_secret_access_key=<your secret access key>
I saved this file as ~/.aws/credentials with ProfileCredentialsProvider().
If you are using Java and Springboot and want to do it in the code, the below configuration will work.
When building EC2 Client, Add the Credential Provider
Region region = Region.US_EAST_1;
Ec2Client ec2 = Ec2Client.builder()
.httpClientBuilder(new DefaultSdkHttpClientBuilder())
.credentialsProvider(SystemPropertyCredentialsProvider.create())
.region(region)
.build();
In the Application Start up,
@Value("${aws.accessKeyId}")
private String accessKey;
@Value("${aws.secretKey}")
private String secretKey;
@PostConstruct
public void setSystemProperty(){
SystemPropertiesCredentialsProvider systemPropertiesCredentialsProvider=new SystemPropertiesCredentialsProvider();
System.setProperty("aws.accessKeyId",accessKey);
System.setProperty("aws.secretAccessKey",secretKey);
}
In application.properties file,
aws.accessKeyId=
aws.secretKey=
Since AmazonDynamoDBClient(credentials) is deprecated i use this.
init {
val cp= AWSStaticCredentialsProvider(BasicAWSCredentials(ACCESS_KEY, SECRET_KEY))
val client = AmazonDynamoDBClientBuilder.standard().withCredentials(cp).withRegion(Regions.US_EAST_1).build()
dynamoDB = DynamoDB(client)
}
If you're wanting to use Environment variables using apache/tomcat, I found that the only way they could be found was setting them in tomcat/bin/setenv.sh (where catalina_opts are set - might be catalina.sh in your setup)
export AWS_ACCESS_KEY_ID=*********;
export AWS_SECRET_ACCESS_KEY=**************;
If you're using ubuntu, try logging in as ubuntu $printenv then log in as root $printenv, the environmental variables won't necessarily be the same....
If you only want to use environmental variables you can use: com.amazonaws.auth.EnvironmentVariableCredentialsProvider
instead of:
com.amazonaws.auth.DefaultAWSCredentialsProviderChain
(which by default checks all 4 possible locations)
anyway after hours of trying to figure out why my environmental variables weren't being found...this worked for me.
A java program to set AWS environment vairiable.
Map<String, String> environment = new HashMap<String, String>();
environment.put("AWS_ACCESS_KEY_ID", "*****************");
environment.put("AWS_SECRET_KEY", "*************************");
private static void setEnv(Map<String, String> newenv) throws Exception {
try {
Class<?> processEnvironmentClass = Class.forName("java.lang.ProcessEnvironment");
Field theEnvironmentField = processEnvironmentClass.getDeclaredField("theEnvironment");
theEnvironmentField.setAccessible(true);
Map<String, String> env = (Map<String, String>) theEnvironmentField.get(null);
env.putAll(newenv);
Field theCaseInsensitiveEnvironmentField = processEnvironmentClass.getDeclaredField("theCaseInsensitiveEnvironment");
theCaseInsensitiveEnvironmentField.setAccessible(true);
Map<String, String> cienv = (Map<String, String>) theCaseInsensitiveEnvironmentField.get(null);
cienv.putAll(newenv);
} catch (NoSuchFieldException e) {
Class[] classes = Collections.class.getDeclaredClasses();
Map<String, String> env = System.getenv();
for (Class cl : classes) {
if ("java.util.Collections$UnmodifiableMap".equals(cl.getName())) {
Field field = cl.getDeclaredField("m");
field.setAccessible(true);
Object obj = field.get(env);
Map<String, String> map = (Map<String, String>) obj;
map.clear();
map.putAll(newenv);
}
}
}
}
In a Linux server, using default implementation of ses will expect files in .aws/credentials file. You can put following content in credential file at the location below and it will work. /home/local/<your service account>/.aws/credentials.
[default]
aws_access_key_id=<your access key>
aws_secret_access_key=<your secret access key>
You can use DefaultAwsCredentialsProviderChain(), which according to the documentation, looks for credentials in this order:
AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY (recommended since they are recognized by all AWS SDKs and CLI except for .NET), or AWS_ACCESS_KEY and AWS_SECRET_KEY (only recognized by the Java SDK)aws.accessKeyId and aws.secretKey~/.aws/credentials) shared by all AWS SDKs and the AWS CLIExample java code:
//DATA//
//get from: https://console.aws.amazon.com/iam/home?#/security_credentials -> Access keys (access key ID and secret access key) -> Generate key if not exists
String accessKey;
String secretKey;
Regions region = Regions.AP_SOUTH_1; //get from "https://ap-south-1.console.aws.amazon.com/lambda/" > your function > ARN at top right
//CODE//
AWSLambda awsLambda = AWSLambdaClientBuilder.standard()
.withCredentials(new AWSStaticCredentialsProvider(new BasicAWSCredentials(accessKey, secretKey)))
.withRegion(region)
.build();
List<FunctionConfiguration> functionList= awsLambda.listFunctions().getFunctions();
for (FunctionConfiguration functConfig : functionList) {
System.out.println("FunctionName="+functConfig.getFunctionName());
}
There are many correct answer above. Specifically in Windows, when you don't have ~/.aws/ folder exist and you need to create the new one, it turned out to be another problem, meaning if you just type ".aws" as name, it will error out and will not allow you create the folder with name ".aws".
Here is trick to overcome that, i.e. type in ".aws." meaning dot at the start and dot at the end. Then only windows will accept the name. This has happened with me, so providing an answer here. SO that it may be helpful to others.
I made the connection using a different approach:
BasicAWSCredentials credentials = new BasicAWSCredentials(ACCESS_KEY, SECRET_KEY);
AmazonDynamoDBClient client = new AmazonDynamoDBClient(credentials).withRegion(Regions.US_EAST_1);
DynamoDB dynamoDB = new DynamoDB(client);
The access key and the secret key can be created in the Identity and Access Management console. I hope it helps...
Source: Stackoverflow.com