8

I am trying to provide credentials for my Spring boot maven application hosted on the cloud (Pivotal Web Services) to be able to upload to Amazon S3. However, every time I try to get the credentials using:

DefaultAWSCredentialsProviderChain credentialProviderChain = new DefaultAWSCredentialsProviderChain();
TransferManager transferManager = new TransferManager(credentialProviderChain.getCredentials());

It says 

Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception 
[Request processing failed; nested exception is com.amazonaws.AmazonClientException: Unable
to load AWS credentials from any provider in the chain] with root cause
2016-01-28T23:55:38.55+0000 [APP/0]      OUT com.amazonaws.AmazonClientException: 
Unable to load AWS credentials from any provider in the chain

I'm a bit confused as to whether my credentials should be defined in a beans.xml or application.properties file. But I have tried both to no avail. Could someone point me in the right direction?

Tometoyou
  • 7,792
  • 12
  • 62
  • 108

2 Answers2

15

Check out the docs! http://docs.aws.amazon.com/AWSJavaSDK/latest/javadoc/com/amazonaws/auth/DefaultAWSCredentialsProviderChain.html

AWS credentials provider chain that looks for credentials in this order:

  • Environment Variables - AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY (RECOMMENDED since they are recognized by all the AWS SDKs and CLI except for .NET), or AWS_ACCESS_KEY and AWS_SECRET_KEY (only recognized by Java SDK)
  • Java System Properties - aws.accessKeyId and aws.secretKey
  • Credential profiles file at the default location (~/.aws/credentials) shared by all AWS SDKs and the AWS CLI
  • Instance profile credentials delivered through the Amazon EC2 metadata service

More general docs here: http://docs.aws.amazon.com/AWSSdkDocsJava/latest/DeveloperGuide/credentials.html

Stephen Rosenthal
  • 773
  • 4
  • 15
  • 2
    I've seen this, but can you answer how to properly define the credentials and make them recognised with code? – Tometoyou Jan 29 '16 at 00:30
  • 2
    Well, which mode do you want to use? If you're running on EC2, instance profile credentials should be preferred. Otherwise, just to get it running you could use the system properties technique by putting this before your code: `System.setProperty("aws.accessKeyId", ""); System.setProperty("aws.secretKey", "");`. In general, though, it's best not to put the credentials in your source code. – Stephen Rosenthal Jan 29 '16 at 00:38
  • 2
    @Tometoyou, check out the [ClasspathPropertiesFileCredentialsProvider](https://docs.aws.amazon.com/AWSJavaSDK/latest/javadoc/com/amazonaws/auth/ClasspathPropertiesFileCredentialsProvider.html), which allows you to toss a simple properties file in your classpath that contains your credentials. It isn't part of the chain. An alternative is the [PropertiesFileCredentialsProvider](https://docs.aws.amazon.com/AWSJavaSDK/latest/javadoc/com/amazonaws/auth/PropertiesFileCredentialsProvider.html). – tedder42 Jan 29 '16 at 03:06
  • @tedder42 Your solution of PropertiesFileCredentialsProvider worked, thanks! – Tometoyou Jan 29 '16 at 17:01
3

this approach worked:

$ export AWS_ACCESS_KEY_ID=...
$ export AWS_SECRET_ACCESS_KEY=...
Raj Hassani
  • 1,577
  • 1
  • 19
  • 26