Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Import Key Pair documentation - b64 requirement reversed #4321

Open
nickchap opened this issue Oct 29, 2024 · 1 comment
Open

Import Key Pair documentation - b64 requirement reversed #4321

nickchap opened this issue Oct 29, 2024 · 1 comment
Assignees
@adev-code
Labels
documentation This is a problem with documentation. ec2 p3 This is a minor priority issue response-requested Waiting on additional information or feedback.

Comments

@nickchap
Copy link

Describe the issue

The import key pair boto3 documentation does not correctly describe when the key must be base64-encoded. It's the reverse of what's listed. The upstream API documentation is also wrong, I'll submit a feedback to that as well.

The page states:

PublicKeyMaterial (bytes) –

[REQUIRED]

The public key. For API calls, the text must be base64-encoded. For command line tools, base64 encoding is performed for you.

However, actually the aws cli requires the key to be base64 encoded and boto3 requires it not be base64 encoded.

Attempting to enter a base64 encoded key via cli gives an error:

aws ec2 import-key-pair --key-name mykey --public-key-material file://key.pub

Invalid base64: "ssh-ed25519 xxxxxxxxxxxx [email protected]
"

This works:

aws ec2 import-key-pair --key-name mykey --public-key-material `cat key.pub | base64`

Likewise, using boto3 to import a b64 encoded key ( client.import_key_pair(KeyName=default_key_name, PublicKeyMaterial=b64pub_key) ) gives this error:

botocore.exceptions.ClientError: An error occurred (InvalidKey.Format) when calling the ImportKeyPair operation: Key is not in valid OpenSSH public key format

But passing in the non-b64 encoded public key works fine.

Links

https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/ec2/client/import_key_pair.html
@nickchap nickchap added documentation This is a problem with documentation. needs-triage This issue or PR still needs to be triaged. labels Oct 29, 2024
@adev-code adev-code self-assigned this Nov 1, 2024
@adev-code adev-code added investigating This issue is being investigated and/or work is in progress to resolve the issue. ec2 p3 This is a minor priority issue and removed needs-triage This issue or PR still needs to be triaged. labels Nov 1, 2024
@adev-code
Copy link

Hi @nickchap, thanks for reaching out. I have noticed from your command that you are using "file://key.pub/". You can try "fileb://" for using CLI V2 or you can revert to the v1 behavior with the configuration: cli_binary_format=raw-in-base64-out (aws/aws-cli#4969 (comment)). This "fileb://" can be seen also from the current documentation: https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/import-key-pair.html#examples. Please let me know if you have any other questions. Thank you.

@adev-code adev-code added response-requested Waiting on additional information or feedback. and removed investigating This issue is being investigated and/or work is in progress to resolve the issue. labels Nov 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@adev-code adev-code

Labels
documentation This is a problem with documentation. ec2 p3 This is a minor priority issue response-requested Waiting on additional information or feedback.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nickchap @adev-code