Cannot read credentials from /.aws/credentials

Written by James McDonald

September 26, 2018

I have a CakePHP console based worker script that is started and run by the supervisord process manager

The worker script consumes jobs from a beanstalkd queue and when it recieves the job it uses AWS PHP SDK to send emails

I was getting the following message from the Cake PHP cli-error.log

2018-09-26 20:59:33 Error: [Aws\Exception\CredentialsException]
Cannot read credentials from /.aws/credentials in
/path/to/my/cake/install/vendor/aws/aws-sdk-php
/src/Credentials/CredentialProvider.php on line 394

This is the fix: Add an environment line to the supervisord config section for the process causing the error

[program:bsw]
command=/path/to/cakephp/bin/cake worker runbsw %(process_num)02d
directory=/var/www/path/to/cakephp/
process_name=%(program_name)s_%(process_num)02d
autostart=true
autorestart=true
numprocs=2
startretries=3
# stderr_logfile=/var/log/bsw.stderr
stdout_logfile=/var/log/bsw.log
redirect_stderr=true
stdout_logfile_backups=3
user=melbdc
# need to add HOME so aws knows where to find credentials file
environment=HOME="/home/melbdc",USER="melbdc"

This is the explanation of why the error occurs because supervisord does create a full login style user environment when switching to the user specified for the process

http://supervisord.org/subprocess.html#subprocess-environment

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

The reCAPTCHA verification period has expired. Please reload the page.

You May Also Like…

Squarespace Image Export

To gain continued access to your Squarespace website images after cancelling your subscription you have several...

MySQL 8.x GRANT ALL STATEMENT

-- CREATE CREATE USER 'tgnrestoreuser'@'localhost' IDENTIFIED BY 'AppleSauceLoveBird2024'; GRANT ALL PRIVILEGES ON...

Exetel Opt-Out of CGNAT

If your port forwards and inbound and/or outbound site-to-site VPN's have failed when switching to Exetel due to their...