"Unable to get IAM security credentials"

Hi there.

When I try to connect to a Gamelift session in another computer, I get the following error:

“AmazonServiceException: Unable to get IAM security credentials from EC2 Instance Metadata Service”

Why is this happening? I am not using IAM or anything fancy, I just want to connect to a gamelift server.

Weirdly enough, this works just fine in my computer: i can connect to the server just fine through gamelift, I can’t however connect on another computer. What gives?

The AWS SDKs have a standard search pattern for credentials when code makes a request.

Basically:

  • You provide the credentials when you make your client/session
  • Or the SDK will search in a fixed order for the credentials to use

Typically this search is:

  • Check environment variables
  • Check your AWS CLI credentials for defaults (.aws/credentials, .aws/config)
  • And finally, most have a check to see if they are running on EC2 in which case, they check the EC2 metadata service on the box.

For example the C++ SDK documentation: https://github.com/aws/aws-sdk-cpp/blob/master/Docs/Credentials_Providers.md/developer-guide/credentials.html

It looks like you are creating a GameLift client but not providing it credentials, the SDK is then trying to search for a source of credentials and its final check is looking for EC2 Metadata which fails. It works on your local machine because you have some credentials configured somewhere in that search chain.

Solution: Configure some AWS credentials, or if this is a server running on GameLift configure the fleet instance role to do what you require.