0

I was trying to read a file from s3 bucket from jupyter notebook which was created using development endpoint of an ecr image.

When I tried to read a file from s3, I am getting below error.

S3 Error Message. -- ResponseCode: 403, ResponseStatus: Forbidden, XML Error 
Message: <?xml version="1.0" encoding="UTF-8"?>
<Error>
<Code>InvalidAccessKeyId</Code>
<Message>The AWS Access Key Id you provided does not exist in our records.</Message>
<AWSAccessKeyId>****accessid</AWSAccessKeyId>
<RequestId>****requestid</RequestId>
<HostId>****hostid</HostId>
</Error>

I have full access on s3. And I am using access id, secret id and session token from the cli for the account.

Command I used to access jupyter notebook from ecr image is as below

docker run -it -p 8889:8889 -e JUPYTER_TOKEN=**** -e AWS_ACCESS_KEY_ID=**** -e AWS_SECRET_ACCESS_KEY=**** -e AWS_SESSION_TOKEN=**** -v C:\Users\****:/glue/app *****endpoint:latest

Do I need to add any additional policy for s3 to enable accesss from jupyter notebook?

Reshma Joseph
  • 23
  • 5
  • The error is saying `InvalidAccessKeyId`, so it is not a permission issue. Where are you obtaining the Access Key and Secret Key? Does it start with `AKIA`? Are you running this command on an Amazon EC2 instance, or on your own computer? – John Rotenstein Jul 14 '22 at 10:54
  • Accesskey is like ASIATKJS2******* I am running this on my computer – Reshma Joseph Jul 14 '22 at 23:46
  • Based on [IAM identifiers - AWS Identity and Access Management](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html), an Access Key starting with `ASIA` is a **temporary Access Key** issued by the Security Token Service (STS), such as when using an IAM Role. When storing an Access Key on your own computer, you should be using the Key + Secret associated with your IAM User. It will start with `AKIA`. – John Rotenstein Jul 15 '22 at 02:04

0 Answers0