【发布时间】:2019-09-12 00:13:12
【问题描述】:
可能问题出在VPC/安全组/策略上,应该注意什么?
堆栈如下:
com.veracode.security.logging.SecureExceptionWrapper: AWS was not able to validate the provided access credentials (Service: AmazonEC2; Status Code: 401; Error Code: AuthFailure; Request ID: 6777ec95-8167-4311-b46e-e40ce7043034)
com.amazonaws.http.AmazonHttpClient$RequestExecutor.handleErrorResponse(AmazonHttpClient.java:1640)
com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeOneRequest(AmazonHttpClient.java:1304)
com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:1058)
com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:743)
com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:717)
com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:699)
com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$500(AmazonHttpClient.java:667)
com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:649)
com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:513)
com.amazonaws.services.ec2.AmazonEC2Client.doInvoke(AmazonEC2Client.java:13611)
com.amazonaws.services.ec2.AmazonEC2Client.invoke(AmazonEC2Client.java:13587)
com.amazonaws.services.ec2.AmazonEC2Client.executeDescribeSubnets(AmazonEC2Client.java:8308)
com.amazonaws.services.ec2.AmazonEC2Client.describeSubnets(AmazonEC2Client.java:8284)
com.company.was.jobservice.utils.ec2.AmazonEC2ClientWrapper.describeSubnets(AmazonEC2ClientWrapper.java:112)
我还检查了政策,其中一项政策是: { “版本”:“2012-10-17”, “陈述”: [ { "Sid": "可视化编辑器0", “效果”:“允许”, “行动”: [ “ec2:描述*”, “ec2:创建标签” ], “资源”:“*” } ] }
此政策是否涵盖 describeSubnets?
【问题讨论】:
标签: amazon-web-services networking