Nodejs 项目,其媒体存储在 S3 存储桶中并使用
@aws-sdk/client-s3
作为 AWS SDK 客户端。 .env
和 S3Bucket.js
如下。
项目根目录下的.env:
AWS_ACCESSKEYID = AHMXXXXXXXXXXH
AWS_SECRETKEY = fdgggdgdmcxvxcvbvfdgffgfs
AWS_REGION = ap-south-1
S3Bucket.js
的配置:
const { S3Client, PutObjectCommand, DeleteObjectCommand, HeadObjectCommand } = require('@aws-sdk/client-s3')
const s3 = new S3Client({ accessKeyId: config.AWS_ACCESSKEYID, secretAccessKey: config.AWS_SECRETKEY, signatureVersion: 'v4', region: config.AWS_REGION })
但是,它仍然使用本地 aws 凭证的凭证,这意味着它正在使用来自
~/.aws/credentials
的 aws-cli 凭证。相反,它应该仅使用来自 .env
的 AWS 凭证。
CredentialsProviderError: Could not load credentials from any providers
at /node_modules/@aws-sdk/credential-provider-node/dist-cjs/defaultProvider.js:13:11
at /node_modules/@smithy/property-provider/dist-cjs/chain.js:12:39
at processTicksAndRejections (node:internal/process/task_queues:96:5)
at async coalesceProvider ( /node_modules/@smithy/property-provider/dist-cjs/memoize.js:14:24)
at async SignatureV4.credentialProvider ( /node_modules/@smithy/property-provider/dist-cjs/memoize.js:33:24)
at async SignatureV4.signRequest ( /node_modules/@smithy/signature-v4/dist-cjs/SignatureV4.js:106:29)
at async /node_modules/@aws-sdk/middleware-signing/dist-cjs/awsAuthMiddleware.js:16:18
at async /node_modules/@smithy/middleware-retry/dist-cjs/retryMiddleware.js:27:46
at async /node_modules/@aws-sdk/middleware-sdk-s3/dist-cjs/region-redirect-endpoint-middleware.js:14:24
at async /node_modules/@aws-sdk/middleware-sdk-s3/dist-cjs/region-redirect-middleware.js:9:20 {
我希望它使用 .env 中的 AWS 凭证,并在
S3Bucket.js
中配置相同的内容。但它正在从 ~/.aws/credentials
获取信用。
您提供凭据的方式不正确。
使用以下内容:
const { S3Client } = require("@aws-sdk/client-s3");
const client = new S3Client({
region: config.AWS_REGION,
signatureVersion: 'v4'
credentials: {
accessKeyId: config.AWS_ACCESSKEYID,
secretAccessKey: config.AWS_SECRETKEY
}
});
我不是 100% 确定这就是你在构造函数上提供签名 v4 的方式(文档令人震惊),但当我发现时我会更新。