AWS was not able to validate the provided access credentials in Amazon EC2

Question

I have been trying to monitor the instances by accessing rest API [1]. For the specific Access Key and Secret Key, I tried the same credentials on AWS S3 Example, it successfully executes but for Amazon EC2 I got the following error :

<?xml version="1.0" encoding="UTF-8"?>
<Response><Errors><Error><Code>AuthFailure</Code><Message>AWS was not able to validate the provided access credentials</Message></Error></Errors><RequestID>627188e0-e134-435e-aece-7056a8360a46</RequestID></Response> 

Is SIgnature generation for AmazonS3 and AMzonEC2 is different? I'm using [2] to generate the signature, As far as I understood, there is no major changes in a signature generation for amazon s3 and amazon ec2.

What could be the possible reason for this? Is there any specific permission we have to set for AmazonEC2?

[1]https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_MonitorInstances.html

[2] https://docs.aws.amazon.com/general/latest/gr/sigv4-create-canonical-request.html

Answer 1

I don't know if this would help your particular issue ... I had the same error message when calling the EC2 API via Postman which is how I ended up on this post. To resolve this issue, I simply added the region name in the URL and added the Version to the parameter as shown below:

https://ec2.eu-west-1.amazonaws.com/?Action=RunInstances&ImageId=ami-0aaada7cbb0d829fc&MinCount=1&MaxCount=1&InstanceType=t2.micro&Version=2016-11-15

If using Postman, remember to set up your Authentication to the API via the 'Authorization' tab under 'AWS Signature' Type. After making both changes to the URL, my REST calls to EC2 API started succeeding.