Common Issues When Running the AWS CLI using CRON & Bash

This post will show some common issues experienced when running the AWS CLI via Bash using CRON on Linux. The issues are typically related to either a Bash script error, AWS CLI command error, or AWS CLI credentials/config error.

Why would you run the AWS CLI via Bash using CRON?

There are quite a few reasons! First, the AWS CLI complements your CRON jobs allowing you to do some amazing things. For example, your Bash scripts can AWS SNS notifications. Second, you can download your latest maintenance scripts from AWS S3. Finally, perhaps you want to determine the status of another AWS EC2 instance? The opportunities are endless.

Debugging Your Scripts

You can easily debug the Bash and AWS CLI scripts!

To debug your Bash script –

Enable Bash to debug mode by adding “-x” to the Bash shebang. So you change “#!/bin/bash” and add a ” -x”.

Example:

#!/bin/bash -x

The Bash script will get verbose and show the execution steps.

To debug your AWS CLI command –

Set the AWS CLI to debug mode requires the following command “–debug“.

Example using the AWS CLI to copy files from S3:

sudo aws s3 cp s3://server-bash-library/maintenance /home/user/scripts/maintenance --recursive --debug

The AWS CLI will get verbose and show the execution steps.

AWS Credentials and Config Configuration

Check your configuration of the AWS credentials and config files. These files are available under ‘/home/yourUser/.aws’. You can use the ‘ls –altr‘ command to view the hidden folder. The ‘
/home/yourUser‘ portion of this folder is represented by a ‘~‘.

The ‘.aws’ folder must contain two configuration files:

For example, ~/.aws/credentials should look like this:

[default]
aws_access_key_id=AKIAIOSFODNN7EXAMPLE
aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY 

~/.aws/config should look like this:

[default] 
region=us-west-2
output=json

You can configure the files when you run the ‘aws configure’ command.

AWS Credentials and Config Accessibility

If your Bash script works when you run it directly but not from CRON, then there is probably something different in the environment. One such difference is that the AWS CLI stores the credentials and config under the installer’s profile (example: ‘/home/yourUser/.aws’).

Remember that CRON does not execute as your user!

The CRON user’s home folder will not be the same as yours. As such, the CRON user will not be able to read the ‘.aws’ folder.

Luckily the AWS CLI supports environment variables!

The AWS CLI supports the following environment variables:

  • AWS_SHARED_CREDENTIALS_FILE – Specifies the location of the file that the AWS CLI uses to store access keys.
  • AWS_CONFIG_FILE – Specifies the location of the file that the AWS CLI uses to store configuration profiles.

The ‘printenv’ command will show you the current environment variables.
The ‘eval echo ~$USER’ command will show you your current home folder. My home folder is ‘/home/ubuntu’.

The following commands will allow you to add the required environment credentials and config to your environment variables. Then, change the script to use your home folder. BACKUP your /etc/environment file before making changes!

echo 'AWS_SHARED_CREDENTIALS_FILE="/home/ubuntu/.aws/credentials"' >> /etc/environment   
echo 'AWS_CONFIG_FILE="/home/ubuntu/.aws/config"' >> /etc/environment

The ‘>>’ redirects the command’s output on its left-hand side to the end of the file on the right-hand side. The ‘>>’ replaced by ‘>’, will replace everything! We do not want to do this.

Lastly, check your Syslog for any errors from your CRON job running your Bash script. You can use this handy command ‘sudo grep —colori cron /var/log/syslog’, to help you along!

You may also be interested in

About Anto Online

Anto, a seasoned technologist with over two decades of experience, has traversed the tech landscape from Desktop Support Engineer to enterprise application consultant, specializing in AWS serverless technologies. He guides clients in leveraging serverless solutions while passionately exploring cutting-edge cloud concepts beyond his daily work. Anto's dedication to continuous learning, experimentation, and collaboration makes him a true inspiration, igniting others' interest in the transformative power of cloud computing.

View all posts by Anto Online

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.