in reply to Re: Paws questions
in thread Paws questions

Thanks for the answer - but I guess that would be the answer for a 3. question :)

The error I get seems to say that I'm not authenticating properly - I get the same error if using an altered MY_ACCESS_KEY_ID.
I used the ROLE_ARN as param in the call in order to avoid the possible non-inheriting in the credentials file,
but in a final code version, I'd like to have that too only in the credentials file.

Replies are listed 'Best First'.
Re^3: Paws questions
by nikosv (Deacon) on May 04, 2017 at 09:16 UTC
      Yes, but that is supposed to happen - and happens - 'under the hood'.

      Basically, I'm trying to access the cloudwatch service, with an IAM user account set up to switch to a given role, from an external (non-AwS) machine.
        In this case I would suggest setting up an API Gateway which exposes and HTTP API endpoint which calls into the Cloudwatch service. Since you don't want to use any AWS credentials in the clean machine you can authorize through creating API Keys by choosing security for your endpoint as "Open with access key", so that you can access the backend service over HTTP