Partial credentials found in explicit, missing: aws_access_key_id

493 views Asked by At

I am trying to run the following code snipet (based on this code here):

import boto3, os
from dotenv import load_dotenv

load_dotenv()
AWS_ACCESS_KEY=os.getenv('AWS_ACCESS_KEY')
AWS_SECRET_KEY=os.getenv('AWS_SECRET_KEY')

translate = boto3.client(
    service_name='translate',
    region_name='us-east-1', 
    aws_access_key_id=AWS_ACCESS_KEY, 
    aws_secret_access_key=AWS_SECRET_KEY, 
)

result = translate.translate_text(Text="Hello, World", 
            SourceLanguageCode="en", TargetLanguageCode="de")
print('TranslatedText: ' + result.get('TranslatedText'))
print('SourceLanguageCode: ' + result.get('SourceLanguageCode'))
print('TargetLanguageCode: ' + result.get('TargetLanguageCode'))

My .env file is the following (edited for security reasons):

AWS_ACCESS_KEY=AXXXXXXXXXXXXXXXXXXR
AWS_ACCESS_KEY=+XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXa

The error I am getting is:

Traceback (most recent call last):
  File "/home/myuser/Desktop/mika/test.py", line 8, in <module>
    translate = boto3.client(
  File "/home/myuser/Desktop/mika/venv/lib/python3.10/site-packages/boto3/__init__.py", line 92, in client
    return _get_default_session().client(*args, **kwargs)
  File "/home/myuser/Desktop/mika/venv/lib/python3.10/site-packages/boto3/session.py", line 299, in client
    return self._session.create_client(
  File "/home/myuser/Desktop/mika/venv/lib/python3.10/site-packages/botocore/session.py", line 950, in create_client
    raise PartialCredentialsError(
botocore.exceptions.PartialCredentialsError: Partial credentials found in explicit, missing: aws_access_key_id

I have checked the several cases here that go like "Partial credentials found in env", but they do not seem as a match of the current case.

What am I doing wrong?

2

There are 2 answers

0
David Espinosa On BEST ANSWER

After an internal revision with AWS Support Team, and the AWS Organization Administrator of my company (who has the proper rights to enable / disable permissions), the following changes (linked to permissions) where done:

  1. Roles AWSAdministratorAccess & AWSPowerUserAccess where added to the following Condition, by the AWS Organization Administrator:
"ArnNotLike": {
          "aws:PrincipalARN": [
            "arn:aws:iam::*:role/AWSControlTowerExecution",
            "arn:aws:iam::*:role/AWSAdministratorAccess",
            "arn:aws:iam::*:role/AWSPowerUserAccess"
          ]
        }
  1. translate:* service was added to the policy:
"NotAction": [
        "translate:*",
        "a4b:*",
        ...

With these changes, the Python script now displays the desired output:

TranslatedText: Hallo, Welt
SourceLanguageCode: en
TargetLanguageCode: de
1
Marcin On

In your .env you have SERVER_PUBLIC_KEY, but in the python code there is AWS_SERVER_PUBLIC_KEY.