Elastic Bamboo - The supplied AWS account credentials are either not valid or cannot be used to access EC2 services

Still need help?

The Atlassian Community is here for you.

Ask the community

Platform notice: Server and Data Center only. This article only applies to Atlassian products on the Server and Data Center platforms.

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Except Fisheye and Crucible

Symptom

The following error appears in Bamboo UI upon selecting Save changes when Configuring Elastic Bamboo.

The supplied AWS account credentials are either not valid or cannot be used to access EC2 services. The error message was: AWS was not able to validate the provided access credentials (Service: AmazonEC2; Status Code: 401; Error Code: AuthFailure;

Causes

There are three likely causes of this issue:

  1. AWS Access Key and Private Key are incorrect.
  2. AWS user is not part of a group or role with enough privilegesLogin to AWS and select, Identity & Access Management > Users > ${user} > Permissions to verify. 
  3. Time on Bamboo's host sever requires synchronization.
    3.1 As a side effect, this has been found to break the application links between Atlassian applications. Setting the time correctly fixes all issues with links.

Resolution

Bamboo supports only the AWS access key and AWS secret access key for its Elastic Agent configuration. AWS access token is currently not supported and its implementation is being tracked by this Feature Request BAM-22410 - Getting issue details... STATUS

  1. AWS Access Key and Private Key are incorrect
    1. Login to Amazon Web Services EC2
    2. Select, Identity & Access Management > Users > {your created user} > Security Credentials > Create Access Key

      Once the new keys are created, input them into the Elastic Bamboo Configuration. 

  2. AWS user does not have enough permissions to manage EC2 instances
    1. Login to Amazon Web Services EC2
    2. Select, Identity & Access Management > Groups > Create New Group
    3. Create a group name (e.g. elastic-bamboo)
    4. Add the required permissions to that group as documented on this page: AWS Permissions for Elastic Bamboo

      Once a new group is created, add a user to the group in AWS, and Save changes in Elastic Bamboo Configuration.

  3. Time on Bamboo's host server needs to be updated
    1. Unix/LinuxUpdate time using NTP

      $ service ntp stop
      $ ntpd -gq
      $ service ntp start	
    2. Windows - Update using net time and W32tm

      $ net time \\timesrv /set /yes
      $ w32tm /config /update
Last modified on Jul 3, 2023

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.