AWS account programatic access via mac cli

Question

In my ~/.aws/credentials file I have two profiles: default and user1.

user1 keys are tied to a different AWS account.

I can access default account.

I am unable to access the user1 AWS account:

For example, when I pass this command:

aws s3 ls --profile user1 

This message is displayed:

An error occurred (SignatureDoesNotMatch) when calling the ListBuckets operation: The request signature we calculated does not match the signature you provided. Check your key and signing method.

Another user is able to use these same keys to access this account so the keys are valid.

What can I do to fix this?

Answer 1

Assuming none of the profiles works.

Time on your system might be out of sync.

You can sync time on Mac systems using

Big Sur

sudo sntp -sS time.apple.com

On Mojave

in case of error

kod_init_kod_db(): Cannot open KoD db file /var/db/ntp-kod: No such file or directory

create the file and change ownership to root. Some people reported this was actually breaking the ntp synchronization

sudo touch /var/db/ntp-kod
sudo chown root:wheel /var/db/ntp-kod

and the run

sudo sntp -sS pool.ntp.org

There are more options in this postHow can I tell if my Mac is keeping the clock updated properly? you can try to sync the time.

EDIT:

As the OP got updated, it works for one profile but doesn't for the second one. In that, as @Asdfg suggested,

• Double check the keys you have in your profile if they are correct
• upgrade the AWS CLI and in case the error persists,
• last but not least follow the Troubleshooting AWS CLI errors