AWS S3 返回“找不到身份池 ID”

Question

我在我的项目中使用 xcode 6.4。问题是我遇到了一些关于 AWS S3（Amazon Web Services S3）的问题。我需要做的是从存储桶中下载文件。它说未找到身份池 ID，但已经检查了几次，在控制台中完全相同。我在尝试下载文件时收到此错误消息。

2015-10-01 14:44:09.470 XXXXX[9842:360833] AWSiOSSDKv2 [Error] AWSIdentityProvider.m line:185 | __51-[AWSAbstractCognitoIdentityProvider getIdentityId]_block_invoke169 | GetId failed. Error is [Error Domain=com.amazonaws.AWSCognitoIdentityErrorDomain Code=12 "The operation couldn’t be completed. (com.amazonaws.AWSCognitoIdentityErrorDomain error 12.)" UserInfo=0x7ff56b0f1260 {__type=ResourceNotFoundException, message=IdentityPool 'ap-northeast-1:a4ef1695-XXXX-4e7c-XXXX-56f2a09eXXXX' not found.}]
2015-10-01 14:44:09.471 XXXXX[9842:360833] AWSiOSSDKv2 [Error] AWSCredentialsProvider.m line:527 | __40-[AWSCognitoCredentialsProvider refresh]_block_invoke352 | Unable to refresh. Error is [Error Domain=com.amazonaws.AWSCognitoIdentityErrorDomain Code=12 "The operation couldn’t be completed. (com.amazonaws.AWSCognitoIdentityErrorDomain error 12.)" UserInfo=0x7ff56b0f1260 {__type=ResourceNotFoundException, message=IdentityPool 'ap-northeast-1:a4ef1695-XXXX-4e7c-XXXX-56f2a09eXXXX' not found.}]

AppDelegate.swift

import UIKit
import CoreData
import AWSS3

@UIApplicationMain
class AppDelegate: UIResponder, UIApplicationDelegate {

    var window: UIWindow?
    var cognitoIdentityPoolId: String = "ap-northeast-1:a4ef1695-XXXX-4e7c-XXXX-56f2a09eXXXX"

    func application(application: UIApplication, didFinishLaunchingWithOptions launchOptions: [NSObject: AnyObject]?) -> Bool {
        // Override point for customization after application launch.

        let credentialsProvider = AWSCognitoCredentialsProvider(regionType: AWSRegionType.APNortheast1, identityPoolId: cognitoIdentityPoolId)

        let defaultServiceConfiguration = AWSServiceConfiguration(
            region: AWSRegionType.APNortheast1, credentialsProvider: credentialsProvider)

        AWSServiceManager.defaultServiceManager().defaultServiceConfiguration = defaultServiceConfiguration

        return true
    }

    /* -- */
}

ViewController.swift

import UIKit
import AWSS3

class ViewController: UIViewController{
    let transferManager = AWSS3TransferManager.defaultS3TransferManager()
    override func viewDidLoad() {
        super.viewDidLoad()

        var downloadingFilePath: NSString = NSTemporaryDirectory().stringByAppendingPathComponent("downloaded-myImage.gif")
        var downloadingFileURL: NSURL = NSURL.fileURLWithPath(downloadingFilePath as String)!

        var downloadRequest = AWSS3TransferManagerDownloadRequest()

        downloadRequest.bucket = "xxxxxx-stg/events"
        downloadRequest.key = "myImage.gif"
        downloadRequest.downloadingFileURL = downloadingFileURL

        transferManager.download(downloadRequest).continueWithSuccessBlock({
            (task: AWSTask!) -> AWSTask! in
            dispatch_async(dispatch_get_main_queue(), {
                println("test")
            })

            return nil
        })
    }
}

是关于 IAM 政策问题还是需要设置自定义身份验证提供程序？

参考：http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html

Answer 1

确保您已设置 IAM 政策。它位于 IAM -> 角色 -> 内联策略 -> 编辑策略下。它应该类似于以下内容：

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "mobileanalytics:PutEvents",
                "cognito-sync:*",
                "s3:*"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}

Answer 2

我已经得到了答案。我像这样更新 IAM 政策

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "mobileanalytics:PutEvents",
                "cognito-sync:*"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}

并允许Unauthenticated Access。

Answer 3

我通过将“AmazonS3ReadOnlyAccess”策略附加到我尝试使用的 IAM 实体（包括未验证角色）解决了这个问题。如果您正在构建的内容可以，您还可以附加“AmazonS3FullAccess”策略。这些政策可在您的 IAM 页面的“政策”标签中找到。