Note: Please go to docs.rightscale.com to access the current RightScale documentation set. Also, feel free to Chat with us!
Home > Tutorials > RightScale > Upgrade Your Account > Add AWS Credentials to RightScale

Add AWS Credentials to RightScale

Objective

To add valid AWS credentials to a RightScale account. 

Table of Contents

Prerequisites

Overview

You must register valid AWS credentials with a RightScale account before you can use the RightScale Dashboard/API to manage your cloud resources.  RightScale will discover your AWS cloud resources based upon your cloud account number.  Your AWS Security Credentials will be required in order to make successful requests to Amazon to create and manage your cloud resources.  Each RightScale account must be associated to a unique and valid set of AWS credentials.  You cannot use AWS Credentials that have already been registered with a different RightScale account.

Security Note: AWS Security Credentials (i.e., credentials with names beginning with 'AWS_') only exist in RightScale if the account has added AWS clouds. In addition, AWS Security Credentials can be deleted if the account holder wants to prevent those credentials from being made available to instances. Note that there is a positive security gain to deleting AWS credentials and making them unavailable to instances.

Steps

Add AWS Account Credentials

To add access to the AWS public cloud so that you can launch instances in EC2, navigate to Settings > Account Settings > Clouds. Click Connect to a Cloud. Then click Amazon Web Services and click the (+) icon next to Add AWS Cloud.  

 

screen-Add_Cloud-v1.png

 

Next, you will need to provide the following AWS Credentials. You can find your credentials when you're logged into your AWS account (http://aws.amazon.com).  If you are using IAM, be sure to use the security credentials associated with the 'RightScale' user. If you need help finding the security credentials, see Sign-up for Amazon Web Services (AWS).

  • AWS Account Number
  • AWS Access Key ID
  • AWS Secret Access Key

Enter the information and click Continue.

Next, RightScale will query AWS for all of the cloud resources that currently exist for your AWS Account Number (if available).  You will then be prompted to create a couple AWS resources that are prerequisites in order to launch an EC2 instance (EC2 SSH Key and EC2 Security Group).  It's recommended that you keep the default names for these cloud resources and click Continue to create each cloud resource.

screen-AWSConnectCloudSecurityGroup.png

 

After the default resources have been created you should have valid AWS cloud credentials associated with your RightScale account. 

screen-AWS_Cloud_Status-v1.png

(Optional)  Add x.509 Certificates

If you plan to bundle instance to create Amazon Machine Images (AMIs) using the RightScale Dashboard, you will also need to upload your AWS Account's x.509 Key and Certificate.  Click one of the edit (pencil) icons under the Action column for one of the AWS Regions.  

Expand the "Show Advanced" section and enter your key and certificate information.  If you need help finding this information, see Sign-up for Amazon Web Services (AWS).

screen-Add_AWS-v1.png

Copy and paste your x509 Certificate and Key values. Click Continue.

Next Steps

When you go to http://aws.amazon.com and sign-up for additional cloud services like SQS and CloudFront, the status of those services will be reflected correctly in the Dashboard.  Once you sign up for those services you can have RightScale requery the status of that service.

Troubleshooting

If you attempt to add AWS credentials that have already been registered to another RightScale account, you will receive an error message that will show you the owner (email) of the RightScale account that is registered to use those AWS credentials.  The "owner" of a RightScale account is the user who first created the RightScale account.  In such cases, you may want to contact the owner and ask for an account invitation to gain access to that AWS account within RightScale.

Your Amazon credentials are invalid: Sorry, this AWS account has already been registered with RightScale by someone@site.com, please contact this person to get invited to his account.
You are trying to register an AWS account that has already been registered with another RightScale account.  An AWS Account can only be associated with one RightScale account.  To gain access to the AWS account that you're trying to register, contact the owner of that RightScale account and ask them to send you an account invitation.
 

Your Amazon credentials are invalid: Your AWS account number does not correspond to the AWS access key ID. This will cause unpredictable behavior when accessing EC2.
The AWS Account Number, AWS Access Key ID, and/or AWS Secret Access Key do not match.  Log into your AWS Account to verify your information.
 

Your Amazon credentials are invalid: EC2: "OptInRequired: You are not subscribed to this service..."
If you receive the error message above, it's most likely because Amazon hasn't activated your subscription for the AWS services that you signed up for such as EC2, S3, etc.  You will need to wait to receive an email confirmation from Amazon when your subscriptions have been activated.
 

AWS account number can't be verified with these credentials.

The above error message could be caused by the following and to the steps to correct it:

  1. Make sure AWS is reachable using the Access Key and Secret Key
  2. The Account Number provided matches the Access and Secret Key permission
  3. Make sure that every AWS Region should have a Security Group as required for the registration to succeed.

 

For item 3, you may need to login to AWS console, then go to the region where it failed EC2 Region > EC2 > Security Groups. If there's no Security Group, create one via the Create Security Group button. You may need to verify that there is atleast one security for all AWS regions and try registering the cloud credential again to your RightScale account.

You must to post a comment.
Last modified
21:03, 28 Oct 2014

Tags

Classifications

This page has no classifications.

Announcements

None


© 2006-2014 RightScale, Inc. All rights reserved.
RightScale is a registered trademark of RightScale, Inc. All other products and services may be trademarks or servicemarks of their respective owners.