In order for boto to access an s3 resource it must be able to get the access key and secret key for an s3 account. The 3 ways that boto can obtain the keys are in the following order of precedence. 1) Credentials passed into Connection class constructor 2) Credentials specified by environment variables 3) Credentials specified as options in a config file The easiest way for boto to read proper s3 credentials are from a global config file in /etc/boto.cfg or on a user basis in ~/.boto. An example config file looks like the following: [Credentials] aws_access_key_id = <your access key> aws_secret_access_key = <your secret key> [Boto] debug = 0 num_retries = 10 proxy = myproxy.com proxy_port = 8080 proxy_user = foo proxy_pass = bar