- 1 year ago
AWS ECS Windows Scheduled Task running as System - AWS Credentials not found
When running an AWS ECS Windows scheduled task as the "System" user, the task may not have access to the AWS credentials stored in the standard locations (such as AWS credentials file or environment variables) because the "System" user has a different context and environment.
To resolve this issue and provide AWS credentials to the scheduled task running as the "System" user, you can follow these steps:
Create a new IAM user in your AWS account specifically for the scheduled task. Make sure to assign the necessary permissions to this IAM user based on the required AWS services and actions.
Generate access key and secret access key for the IAM user you created in the previous step.
On the Windows machine where the scheduled task runs, open the AWS CLI configuration file located at
C:\Users\<UserName>\.aws\config
(replace<UserName>
with the appropriate user).Add a new profile entry in the AWS CLI configuration file with the access key and secret access key obtained in Step 2. For example:
plaintext[profile-name]
aws_access_key_id = YOUR_ACCESS_KEY
aws_secret_access_key = YOUR_SECRET_ACCESS_KEY
Save the AWS CLI configuration file.
Modify the scheduled task to run a script or command that explicitly references the AWS CLI profile you added to the configuration file.
For example, if you are running a PowerShell script as the scheduled task, you can specify the AWS CLI profile using the --profile
parameter:
powershellaws s3 ls --profile profile-name
Alternatively, you can set the AWS_PROFILE
environment variable within the script or command:
powershell$env:AWS_PROFILE = "profile-name"
aws s3 ls
Make sure to replace profile-name
with the profile name you defined in the AWS CLI configuration file.
By explicitly specifying the AWS CLI profile or setting the AWS_PROFILE
environment variable within the script or command executed by the scheduled task, you ensure that the task running as the "System" user has access to the appropriate AWS credentials.