Amazon Web Services test connection failed: No valid API Access Key provided

Original Publishing Date:
2020-01-22

Symptoms

Test connection for Amazon Web Services package fails with error No valid API Access Key provided.

Following error appears in /var/log/httpd/aws_error.log on AWS Endpoint host:

[Sat Mar 31 12:31:38.502450 2018] [cgi:error] [pid 64341] [client 192.0.2.2:38930] AH01215: APS-aws[53699]: d5673509-a791-40a0-a1dd-639f600f0ac8 A:1-S:1 Application instance for: 656914428934
[Sat Mar 31 12:31:38.511357 2018] [cgi:error] [pid 64341] [client 192.0.2.2:38930] AH01215: APS-aws[53699]: d5673509-a791-40a0-a1dd-639f600f0ac8 A:1-S:1 Request URL: GET https://api.cloudcheckr.com/api/billing.json/get_custom_billing_charges_v2?access_key=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx&use_aws_account_id=123456789101
[Sat Mar 31 12:31:40.282022 2018] [cgi:error] [pid 64341] [client 192.0.2.2:38930] AH01215: APS-aws[53699]: d5673509-a791-40a0-a1dd-639f600f0ac8 A:1-S:1 Response Code: 401
[Sat Mar 31 12:31:40.282101 2018] [cgi:error] [pid 64341] [client 192.0.2.2:38930] AH01215: APS-aws[53699]: d5673509-a791-40a0-a1dd-639f600f0ac8 A:1-S:1 Response Body: {"ErrorCode":"Unauthorized","ErrorMessage":"No valid API Access Key provided"}
[Sat Mar 31 12:31:40.282157 2018] [cgi:error] [pid 64341] [client 192.0.2.2:38930] AH01215: APS-aws[53699]: d5673509-a791-40a0-a1dd-639f600f0ac8 A:1-S:1 CloudCheckr\\Components\\Billing::get_custom_billing_charges_v2 d5673509-a791-40a0-a1dd-639f600f0ac8 HTTP Code: 401 - No valid API Access Key provided
[Sat Mar 31 12:31:40.282229 2018] [cgi:error] [pid 64341] [client 192.0.2.2:38930] AH01215: [2018/03/31 09:31:40] aps-runtime-error: {"code":401,"error":"CloudCheckr::Exceptions::CloudCheckrException","message":"Unauthorized: {\\"message\\":\\"No valid API Access Key provided\\",\\"variables\\":{\\"ErrorCode\\":\\"Unauthorized\\",\\"ErrorMessage\\":\\"No valid API Access Key provided\\"}}"}

Cause

The issue could be caused by two reasons:

Incorrect API key is used for integration.
Software issue. Incorrect API URl is used for sending API request. Cloudcheckr service has some regional restrictions related to API access. Accounts from EU region must use URL https://eu.cloudcheckr.com/ when accessing the API.

Resolution

Check access with actual API key (used for integration), for example:

[root@somehost ~]# curl 'https://api.cloudcheckr.com/api/billing.json/get_custom_billing_charges_v2?access_key=AAAAAAAAAAAAAAAAAAABBBBBBBBBBBBBBBBBBBXXXXXXXXXXXXYYYYYYYYYYZZZZ&use_aws_account_id=123456789101'
{"ErrorCode":"Unauthorized","ErrorMessage":"No valid API Access Key provided"}

Where AAAAAAAAAAAAAAAAAAABBBBBBBBBBBBBBBBBBBXXXXXXXXXXXXYYYYYYYYYYZZZZ - API integration key and 123456789101 - account ID.

If connection connection works fine with same API key for https://eu.cloudcheckr.com/(like on example below) it is required to update Application Instance parameters

[root@somehost ~]# curl 'https://eu.cloudcheckr.com/api/billing.json/get_custom_billing_charges_v2?access_key=AAAAAAAAAAAAAAAAAAABBBBBBBBBBBBBBBBBBBXXXXXXXXXXXXYYYYYYYYYYZZZZ&use_aws_account_id=123456789101'
{"CustomBillingCharges":[]}

Please, contact Odin Technical Support.

Internal content

Link on internal Article