LoginSignup
7
3

More than 5 years have passed since last update.

@RyujiKawazoe

RubyでEC2インスタンスに設定したIAM Roleからaccess_key_idとsecret_access_keyを取得

Last updated at Posted at 2016-06-29

開発中のrailsプロジェクトでAWSサービスとの連携を行う箇所があり、環境変数にaccess_key_id, secret_access_keyを設定せずにS3との接続ができないか調べてたらAWS SDK for Rubyを使えると判明しました

環境

  • AWS SDK for Ruby v2

取得方法

role  = Aws::InstanceProfileCredentials.new
credential = role.credentials
# access_key_id
credential.access_key_id
=> "xxxxxxxxxxxxxx"
# secret_access_key
credential.secret_access_key
=> "xxxxxxxx"

追記

上記で取得した、access_key_id, secret_access_keyをそのまま利用したら、だめでした(涙


db = Aws::DynamoDB::Client.new(
  access_key_id: access_key_id,
  secret_access_key: secret_access_key,
  region: ENV["AWS_REGION"],
)

db.put_item(略

でたエラー

Aws::DynamoDB::Errors::UnrecognizedClientException: The security token included in the request is invalid.

正確には

Aws::DynamoDB::Client.new(
        credentials: Aws::InstanceProfileCredentials.new.credentials,
        region: ENV["AWS_REGION"].nil? ? "ap-northeast-1" : ENV["AWS_REGION"]
      )
7
3
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
7
3