AWS S3 CLI - Could not connect to the endpoint URL

Question

$ aws s3 ls

Could not connect to the endpoint URL: "https://s3.us-east-1a.amazonaws.com/"

What could be the problem?

Answer 1

You probably have something wrong in your default profile for the default region.

Check your file at ~/.aws/config, you have something like

[default]
region=us-east-1a
...

Fix the region to region=us-east-1 and then the command will work correctly

Answer 2

first you use 'aws configure' then input the access key, and secret key, and the region. the region you input would be important for this problem. try to input something like 's3.us-east-1', not 's3.us-east-1a'. it will solve the issue.

Answer 3

If none of solutions given above works,also check your permissions and firewall settings. In my case adding proxy environment variables did the job.

For Linux or mac

$ export HTTP_PROXY=http://<YOUR PROXY IP>:<PORT>

$ export HTTPS_PROXY=http://<YOUR PROXY IP>:<PORT>

For Windows

set HTTP_PROXY=http://<YOUR PROXY IP>:<PORT>

set HTTPS_PROXY=http://<YOUR PROXY IP>:<PORT>

Answer 4

Some AWS services are just available in specific regions that do not match your actual region. If this is the case you can override the standard setting by adding the region to your actual cli command.

This might be a handy solution for people that do not want to change their default region in the config file. IF your general config file is not set: Please check the suggestions above.

In this example the region is forced to eu-west-1 (e.g. Ireland):

aws s3 ls --region=eu-west-1

Tested and used with aws workmail to delete users:

aws workmail delete-user --region=eu-west-1 --organization-id [org-id] --user-id [user-id]

I derived the idea from this thread and it works perfect for me - so I wanted to share it. Hope it helps!

Answer 5

You should specify the region in your CLI script, rather than rely on default region specified using aws configure (as the current most popular answer asserts). Another answer alluded to that, but the syntax is wrong if you're using CLI via AWS Tools for Powershell.

This example forces region to us-west-2 (Northern California), PowerShell syntax:

aws s3 ls --region us-west-2

Answer 6

Probably, there is something wrong with the default region while configuring aws. In your case, the URL says "https://s3.us-east-1a.amazonaws.com/"

In your command prompt,

aws configure, enter your keys, Now fix your region from us-east-1a to us-east-1.

Kindly check the syntax according to the CLI you are using. This will be helpful.

Answer 7

This worked for me.

1. Use debug option to get clear idea of bug

aws ec2 describe-instances --instance-ids (myid) --region ap-south-1 --debug

I got following issue.

EndpointConnectionError: Could not connect to the endpoint URL: "https://ec2.ap-south-1b.amazonaws.com/"

2. I tried to Ping but it was not working

ping ec2.ap-south-1b.amazonaws.com ping: ec2.ap-south-1b.amazonaws.com: Name or service not known

3. I checked for invalid value for Region when using aws configure

but it was configured properly

[default] region = ap-south-1

4. Then , I went to **IAM -> Users - > (yourusername) - > Add Permissions

and I added "AdministratorAccess" Policy**.

5. After that everything worked for me.

MainThread - urllib3.connectionpool - DEBUG - Starting new HTTPS connection (1): ec2.ap-south-1.amazonaws.com:443 MainThread - urllib3.connectionpool - DEBUG - https://ec2.ap-south-1.amazonaws.com:443 "POST / HTTP/1.1" 200 7176

Answer 8

You should do the following on the CLI : 1. aws configure'
2. input the access key 3. input secret key 4. and then the region i.e : eu-west-1 (leave the a or b after the 1)

Answer 9

In case it is not working in your default region, try providing a region close to you. This worked for me:

   PS C:\Users\shrig> aws  configure
   AWS Access Key ID [****************C]:**strong text**
   AWS Secret Access Key [****************WD]:
   Default region name [us-east1]: ap-south-1
   Default output format [text]:

Answer 10

Weirdly, in my case restarting my laptop has helped. I've been using VPN lately, I think it messed up some network settings causing this error.

Answer 11

Assuming that your profile in ~/aws/config is using the region (instead of AZ as per your original question); the other cause is your client's inability to connect to s3.us-east-1.amazonaws.com. In my case, I was unable to resolve that DNS name due to an error in my network configuration. Fixing the DNS issue solved my problem.

Answer 12

1. Check the .aws directory under home directory. Windows: C:\Users<home-name>.aws Linux: ~/.aws

2. Under this directory, you will find the config as well as credentials file. It will have the information from the aws configure that you may have run before. IF not, then

3. Run aws configure Enter the access key - secret key - enter secret key region - (ap-southeast-1 or us-east-1 or any other regions) format - (json or leave it blank, it will pick up default values you may simply hit enter)

4. From the Step 2, you should see the config file, open it, it should have the region. Please ensure there is region specified.

5. You may now run the following command to list the buckets aws s3 ls It should work fine.

Answer 13

Check your environment settings:

set |& grep REGION

I had a typo in my AWS_REGION and AWS_DEFAULT_REGION environment variables, so it was trying to access a non-existant region.

Answer 14

Couple things I've done to fix this :

1. Updated my CLI and it given this error (previous error was "aws connection aborted error 10013")

2. Tried to nslookup aws s3 endpoing : nslookup s3.us-east-2.amazonaws.com

   DNS request timed out. timeout was 2 seconds. Server: UnKnown Address: 192.168.10.1

-> hmmm very weird

3. Went to windows network troubleshooting and selected to test access to specific page. It informed that Windows firewall blocked the connection. Fixed this

4. Received a new error , after fixing the request through firewal :

   An error occurred (RequestTimeTooSkewed) when calling the ListBuckets operation: The difference between the request time and the current time is too large.

5. Updated my date & time to automatic -> Fixed

Answer 15

Everyone has different defaults, and interestingly it will change after time. As an example, first I was on global, and then after 15 minutes it shows Ohio (which is us-east-2).

The best approach is to check it during your work -- in console of your AWS working area, just set it on the right above side near your name on top bar check your region name and click on the down arrow to see your region.

In AWS CLI type aws configure or aws2 configure, give your access and secret id, then during default region, write your region and press Enter.

You will definitely get access to specific region set and it will work.

Answer 16

The solution to my problem was to run:

    sudo aws configure

Enter your credentials and then run:

    sudo aws s3 ls

A different solution was to make sure that the region in the .aws/config file is the same as the endpoints

Answer 17

On Windows run the aws configure command again and reset region without the letter for example if your region is us-east-1a you need to change it to us-east-1 in order for it to work.

Answer 18

If you are using ec2 just:

export AWS_DEFAULT_REGION=your-region

Answer 19

If you are sure that you did everything correctly, If you are using a Company PC, disconnect VPN connection.

This worked for me.

Answer 20

Check VM security group rules and add outbound rule for S3 access .