将文件上传到 s3 时出现 AWS Cognito 异常

【问题标题】:AWS Cognito Exception while uploading a file to s3将文件上传到 s3 时出现 AWS Cognito 异常
【发布时间】:2016-07-24 23:14:23
【问题描述】: 
public static void main(String[] args) {
    AmazonCognitoIdentity identityClient = new AmazonCognitoIdentityClient(new AnonymousAWSCredentials());
    identityClient.setEndpoint("cognito-identity.us-east-1.amazonaws.com");
    identityClient.setRegion(Region.getRegion(Regions.US_EAST_1));
    GetIdRequest idRequest = new GetIdRequest();
    idRequest.setAccountId("XXXXXXXXX");
    idRequest.setIdentityPoolId("XXXXXXX");
    GetIdResult idResp = identityClient.getId(idRequest);
    String identityId = idResp.getIdentityId();
    GetOpenIdTokenRequest tokenRequest = new GetOpenIdTokenRequest();
    tokenRequest.setIdentityId(identityId);
    GetOpenIdTokenResult tokenResp = identityClient.getOpenIdToken(tokenRequest);
    String openIdToken = tokenResp.getToken();
    AWSSecurityTokenService stsClient = new AWSSecurityTokenServiceClient(new AnonymousAWSCredentials());
    AssumeRoleWithWebIdentityRequest stsReq = new AssumeRoleWithWebIdentityRequest();
    stsReq.setRoleArn(
            "arn:aws:cognito-identity:us-east-1:XXXXXX:identitypool/us-east-1:XXXXXXX");
    stsReq.setWebIdentityToken(openIdToken);
    stsReq.setRoleSessionName("AppTestSession");


    AssumeRoleWithWebIdentityResult stsResp = stsClient.assumeRoleWithWebIdentity(stsReq);
    Credentials stsCredentials = stsResp.getCredentials();

    AWSSessionCredentials sessionCredentials = new BasicSessionCredentials(stsCredentials.getAccessKeyId(),
            stsCredentials.getSecretAccessKey(), stsCredentials.getSessionToken());
    Date sessionCredentialsExpiration = stsCredentials.getExpiration();
    System.out.println("session credentials expiration -> " + sessionCredentialsExpiration);

    String bucketName = "s3fileupload";
    String keyName = "cognitokey";
    String uploadFileName = "/home/fresher/Downloads/say-hello.jpg";
    AmazonS3 s3client = new AmazonS3Client(sessionCredentials);
    s3client.setEndpoint("s3fileupload.s3-website-us-west-2.amazonaws.com");

    File file = new File(uploadFileName);
    s3client.putObject(new PutObjectRequest(bucketName, keyName, file));
}

我收到“请求 ARN 无效”的异常。 你能指导我完成这个吗?

请求 ARN 无效(服务:AWSSecurityTokenService;状态代码:400;错误代码:ValidationError;请求 ID:XXXXXXXXXXXXXXXXXX)

【问题讨论】:

    标签: java amazon-web-services amazon-cognito


    【解决方案1】:

    在您的 STS 请求中,您传递的是 Cognito 身份的 ARN,而不是您要为其获取凭据的角色 ARN。

    此处的值应该是您在 IAM 中配置的角色的 ARN。它看起来像这样:

    arn:aws:iam::123456789012:role/ROLE_NAME

    【讨论】:

      猜你喜欢
      • 2016-01-23
      • 2019-02-20
      • 2015-04-04
      • 2020-05-07
      • 2018-07-03
      • 1970-01-01
      • 2020-08-26
      • 2013-03-05
      • 2013-05-30
      相关资源
      最近更新 更多
      热门标签
      Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode