Getting started with 1Password for your growing team, or refining your setup? Our Secured Success quickstart guide is for you.
Forum Discussion
unable to get credentials and initialize API ... read /home/opuser/.op/1password-credentials.json:
I am trying to spin up a basic 1password connect server. I have created my Access Token and Credentials file, spun up a fresh server, loaded the 1password-credentials.json file onto the directory ~/1...
For kicks and giggles I spun this up on Docker Desktop for Windows, and quickly got the configuration working. So, something must be wrong with my Amazon_Linux configuration. I can try rebuilding this machine to see if the error occurs again. In the meantime, I'll post my configs in case someone else would like to try replicating the issue.
Terraform Config:
```
Terraform HCL
provider "aws" {
region = "us-east-1"
shared_credentials_file = "~/.aws/credentials"
profile = "default"
}
resource "aws_security_group" "onepassword_connect_api" {
name = "onepassword_connect_api"
description = "Allow 8080 traffic into 1password API"
ingress = [
{
description = "API"
from_port = 8080
to_port = 8080
protocol = "tcp"
cidr_blocks = ["
ipv6_cidr_blocks = []
prefix_list_ids = []
self = false
security_groups = []
}
]
egress = [
{
description = "any"
from_port = 0
to_port = 0
protocol = "-1"
cidr_blocks = ["0.0.0.0/0"]
ipv6_cidr_blocks = []
prefix_list_ids = []
self = false
security_groups = []
}
]
tags = {
Name = "onepassword_connect_api"
name = "onepassword_connect_api"
}
}
resource "aws_instance" "use1vl1pc" {
ami = "ami-087c17d1fe0178315"
instance_type = "t2.micro"
availability_zone = "us-east-1d"
key_name = "
vpc_security_group_ids = [
"
"${aws_security_group.onepassword_connect_api.id}"
]
tags = {
name = "use1vl1pc"
description = "1Password Connect server, allows our applications to use 1Password Vaults"
Name = "use1vl1pc"
project = "internal"
}
}
resource "aws_eip" "use1vl1pc_EIP" {
instance = "${aws_instance.use1vl1pc.id}"
vpc = true
tags = {
name = "use1vl1pc_EIP"
ec2Target = "use1vl1pc"
project = "internal"
}
}
```
There you can see the AMI I'm using if you just want to build it manually. Then I run a shell script because I'm still working on Configuration Management for this company.
1password_connect_setup.sh
```
!/bin/bash
sudo yum update -y
sudo yum install -y tmux yum-utils git
install Docker Engine, Amazon Linux 2
sudo amazon-linux-extras install -y docker
sudo systemctl enable docker && sudo systemctl start docker
if groups | grep -q docker; then
echo "ec2-user is already part of the docker group"
else
echo "adding ec2-user to docker group"
sudo usermod -aG docker ec2-user && sudo su - ec2-user #enable ec2-user to use docker without sudo
fi
sudo docker run hello-world #test if docker runs ok
install docker-compose Amazon Linux 2
sudo curl -L https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s)-$(uname -m) -o /usr/local/bin/docker-compose
sudo chmod +x /usr/local/bin/docker-compose
docker-compose version
install 1password connect
mkdir -p ~/1pass
cd ~/1pass
# add something here to download the repository
docker-compose up -d
```
