AWS Java SDK 错误：无法从任何提供商加载凭证

Question

我正在编写一个测试，看看我是否可以在本地计算机上以 Java 形式访问存储在 AWS Secrets Manager 中的凭证。

我已经按照 aws 文档

此处

中的建议运行 aws sts get-caller-identity 命令来测试我的计算机上是否有活动会话。

我什至在intelliJ的终端中运行了命令

aws secretsmanager get-secret-value --secret-id some-id

来检查我是否可以检索秘密值并且我成功了。

但是，当我尝试使用 AWS SDK 获取该值时

var client = SecretsManagerClient.builder()
        .region(Region.of(region))
        .build();

var getSecretValueRequest = GetSecretValueRequest.builder()
        .secretId(secretName)
        .build();

var getSecretValueResponse = client.getSecretValue(getSecretValueRequest);

失败并出现以下错误：

software.amazon.awssdk.core.exception.SdkClientException: Unable to load credentials from any of the providers in the chain AwsCredentialsProviderChain(credentialsProviders=[SystemPropertyCredentialsProvider(), EnvironmentVariableCredentialsProvider(), WebIdentityTokenCredentialsProvider(), ProfileCredentialsProvider(profileName=default, profileFile=ProfileFile(profilesAndSectionsMap=[{default=Profile(name=default, properties=[output, sso_session, aws_access_key_id, aws_secret_access_key, region, sso_role_name, sso_account_id])}, {my-sso=Profile(name=my-sso, properties=[sso_region, sso_start_url, sso_registration_scopes])}])), ContainerCredentialsProvider(), InstanceProfileCredentialsProvider()]) : [SystemPropertyCredentialsProvider(): Unable to load credentials from system settings. Access key must be specified either via environment variable (AWS_ACCESS_KEY_ID) or system property (aws.accessKeyId)., EnvironmentVariableCredentialsProvider(): Unable to load credentials from system settings. Access key must be specified either via environment variable (AWS_ACCESS_KEY_ID) or system property (aws.accessKeyId)., WebIdentityTokenCredentialsProvider(): Either the environment variable AWS_WEB_IDENTITY_TOKEN_FILE or the javaproperty aws.webIdentityTokenFile must be set., ProfileCredentialsProvider(profileName=default, profileFile=ProfileFile(profilesAndSectionsMap=[{default=Profile(name=default, properties=[output, sso_session, aws_access_key_id, aws_secret_access_key, region, sso_role_name, sso_account_id])}, {my-sso=Profile(name=my-sso, properties=[sso_region, sso_start_url, sso_registration_scopes])}])): To use Sso related properties in the 'default' profile, the 'sso' service module must be on the class path., ContainerCredentialsProvider(): Cannot fetch credentials from container - neither AWS_CONTAINER_CREDENTIALS_FULL_URI or AWS_CONTAINER_CREDENTIALS_RELATIVE_URI environment variables are set., InstanceProfileCredentialsProvider(): Failed to load credentials from IMDS.]

    at software.amazon.awssdk.core.exception.SdkClientException$BuilderImpl.build(SdkClientException.java:111)
    at software.amazon.awssdk.auth.credentials.AwsCredentialsProviderChain.resolveCredentials(AwsCredentialsProviderChain.java:117)
    at software.amazon.awssdk.auth.credentials.internal.LazyAwsCredentialsProvider.resolveCredentials(LazyAwsCredentialsProvider.java:45)
    at software.amazon.awssdk.auth.credentials.DefaultCredentialsProvider.resolveCredentials(DefaultCredentialsProvider.java:123)
    at software.amazon.awssdk.core.internal.util.MetricUtils.measureDuration(MetricUtils.java:50)
    at software.amazon.awssdk.awscore.internal.authcontext.AwsCredentialsAuthorizationStrategy.resolveCredentials(AwsCredentialsAuthorizationStrategy.java:100)
    at software.amazon.awssdk.awscore.internal.authcontext.AwsCredentialsAuthorizationStrategy.addCredentialsToExecutionAttributes(AwsCredentialsAuthorizationStrategy.java:77)
    at software.amazon.awssdk.awscore.internal.AwsExecutionContextBuilder.invokeInterceptorsAndCreateExecutionContext(AwsExecutionContextBuilder.java:120)
    at software.amazon.awssdk.awscore.client.handler.AwsSyncClientHandler.invokeInterceptorsAndCreateExecutionContext(AwsSyncClientHandler.java:69)
    at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.lambda$execute$1(BaseSyncClientHandler.java:78)
    at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.measureApiCallSuccess(BaseSyncClientHandler.java:179)
    at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.execute(BaseSyncClientHandler.java:76)
    at software.amazon.awssdk.core.client.handler.SdkSyncClientHandler.execute(SdkSyncClientHandler.java:45)
    at software.amazon.awssdk.awscore.client.handler.AwsSyncClientHandler.execute(AwsSyncClientHandler.java:56)
    at software.amazon.awssdk.services.secretsmanager.DefaultSecretsManagerClient.getSecretValue(DefaultSecretsManagerClient.java:983)

Answer 1

将您的凭据放入名为 Credentals 的文件中，如 Java DEV 指南中所述。

https://docs.aws.amazon.com/sdk-for-java/latest/developer-guide/credentials-chain.html

看选项 4。参见此图。

这个文件的内容是。

[默认] aws_access_key_id=AKIxxxxxxxxxxxxxxxxxxxxxxxxxxx aws_secret_access_key=K3Oxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

AWS Java SDK 错误：无法从任何提供商加载凭证

问题描述投票：0回答：1

1个回答

最新问题

AWS Java SDK 错误：无法从任何提供商加载凭证

问题描述 投票：0回答：1

1个回答

最新问题

问题描述投票：0回答：1