BD2KGenomics/cgcloud

cgcloud register-key fails because . . . I am not sure why

Closed this issue · 1 comments

mdperry commented

Hi,

I was following your Getting Started guide for cgcloud and I thought that everything was going smoothly, but when I tried the first command I keep getting nowhere. Here is the STDERR that I see on my terminal:

mperry > cgcloud register-key ~/.ssh/id_rsa.pub 
WARNING: IAMConnection.get_user() failed.
Traceback (most recent call last):
  File "/home/mperry/cgcloud/local/lib/python2.7/site-packages/cgcloud/lib/context.py", line 596, in iam_user_name
    return self.iam.get_user( ).user_name
  File "/home/mperry/cgcloud/local/lib/python2.7/site-packages/boto/iam/connection.py", line 387, in get_user
    return self.get_response('GetUser', params)
  File "/home/mperry/cgcloud/local/lib/python2.7/site-packages/boto/iam/connection.py", line 102, in get_response
    raise self.ResponseError(response.status, response.reason, body)
BotoServerError: BotoServerError: 403 Forbidden
<ErrorResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
  <Error>
    <Type>Sender</Type>
    <Code>AccessDenied</Code>
    <Message>User: arn:aws:iam::959094731163:user/mperry is not authorized to perform: iam:GetUser on resource: arn:aws:iam::959094731163:user/mperry</Message>
  </Error>
  <RequestId>5c20075e-5b46-11e6-8da7-85ecadaf28a0</RequestId>
</ErrorResponse>

ERROR: An error occurred. Using zone 'us-west-2a' and namespace '/__me__/'
ERROR: Can't determine current IAM user name. Be sure to put valid AWS credentials in ~/.boto or ~/.aws/credentials. For details, refer to http://boto.readthedocs.org/en/latest/boto_config_tut.html. On an EC2 instance that is authorized via IAM roles, you can set the CGCLOUD_ME environment variable (uncommon).

These IAM credentials were created by a colleague so that I could start working with some of his files, and he provided me with the two keys to include. I have also reviewed the material in the boto_configuration page.

Any insight you can provide would be greatly appreciated.

Thanks,

-- Marc Perry

mdperry commented

We solved this by re-jigging the IAM user's authorization on AWS, so I am closing this out.