1

I have the following command in the userdata of my cloudformation template:

MOUNT_TARGET_IP=$(aws efs describe-mount-targets --file-system-id fs-xxxxxxx --query 'MountTargets[*].IpAddress' --output text)

Also in my template, I have the following policy:

MyPolicy:
Type: "AWS::IAM::Policy"
Properties:
  PolicyName: !Sub "${AWS::StackName}_bucket_and_mount_targets_policy"
  PolicyDocument: 
    Version: "2012-10-17"
    Statement: 
      -
        Effect: "Allow"
        Action: "s3:GetObject"
        Resource: !Sub "arn:aws:s3:::${AuthorizedKeyBucketName}/authorized_keys"
      -
        Effect: "Allow"
        Action: "s3:ListBucket"
        Resource: !Sub "arn:aws:s3:::${AuthorizedKeyBucketName}"
      -
        Effect: "Allow"
        Action: "elasticfilesystem:DescribeMountTargets"
        Resource: "arn:aws:elasticfilesystem:us-east-1:xxxxxxxxxx:file-system/fs-xxxxxxx"
  Roles: 
    - 
      !Ref MyRole

I am not sure why I am still receiving the following error:

You must specify a region. You can also configure your region by running "aws configure".

When I ssh into the instance, and then configure the region and access keys manually, and then try to execute the above statements, it seems to work just fine.

Any thoughts?

niketp
  • 189
  • 1
  • 13

1 Answers1

1

Most AWS CLI commands require a region to be configured and you haven't configured one here.

You could change your CLI command to specify a region:

MOUNT_TARGET_IP=$(aws efs describe-mount-targets \
  --file-system-id fs-xxxxxxx \
  --query 'MountTargets[*].IpAddress' \
  --region ... \  # add this
  --output text)

Or you could set the AWS_DEFAULT_REGION variable:

AWS_DEFAULT_REGION=...
export AWS_DEFAULT_REGION
MOUNT_TARGET_IP=$(aws efs describe-mount-targets --file-system-id fs-xxxxxxx \
  --query 'MountTargets[*].IpAddress' --output text)

Or you could have your script run aws configure or otherwise provide the region in ~/.aws/config.

Note that configuring the AWS CLI with access keys is not recommended. You should use IAM Roles instead.

Alex Harvey
  • 11,553
  • 2
  • 42
  • 73