Description
Describe the issue
The import key pair boto3 documentation does not correctly describe when the key must be base64-encoded. It's the reverse of what's listed. The upstream API documentation is also wrong, I'll submit a feedback to that as well.
The page states:
PublicKeyMaterial (bytes) –
[REQUIRED]
The public key. For API calls, the text must be base64-encoded. For command line tools, base64 encoding is performed for you.
However, actually the aws cli requires the key to be base64 encoded and boto3 requires it not be base64 encoded.
Attempting to enter a base64 encoded key via cli gives an error:
aws ec2 import-key-pair --key-name mykey --public-key-material file://key.pub
Invalid base64: "ssh-ed25519 xxxxxxxxxxxx [email protected]
"
This works:
aws ec2 import-key-pair --key-name mykey --public-key-material `cat key.pub | base64`
Likewise, using boto3 to import a b64 encoded key ( client.import_key_pair(KeyName=default_key_name, PublicKeyMaterial=b64pub_key) ) gives this error:
botocore.exceptions.ClientError: An error occurred (InvalidKey.Format) when calling the ImportKeyPair operation: Key is not in valid OpenSSH public key format
But passing in the non-b64 encoded public key works fine.