我正在尝试访问一个简单的 AWS IOT REST 服务,但还没有成功。这就是我所做的。
- 我在我的 aws 中创建了一个 iam 用户并下载了访问密钥和密钥
- 使用该用户登录 AWS IOT 并创建了一个“事物”
- 从事物的属性中,我找到了阴影的 REST URL
- 使用具有新“aws 签名”功能的 Postman,并为其提供访问密钥、密钥、区域 (us-east-1) 和服务名称 (iot)
试图“获取”端点,这就是我得到的 -
{ "message": "Credential should be scoped to correct service. ", "traceId": "be056198-d202-455f-ab85-805defd1260d" }
我认为邮递员有问题,所以我尝试使用连接到 S3 的 aws-sdk-sample 示例并将其更改为连接到 IOT URL。这是我的程序片段(Java)
String awsAccessKey = "fasfasfasdfsdafs"; String awsSecretKey = "asdfasdfasfasdfasdfasdf/asdfsdafsd/fsdafasdf"; URL endpointUrl = null; String regionName = "us-east-1"; try { endpointUrl = new URL("https://dasfsdfasdf.iot.us-east-1.amazonaws.com/things/SOMETHING/shadow"); }catch (Exception e){ e.printStackTrace(); } Map<String, String> headers = new HashMap<String, String>(); headers.put("x-amz-content-sha256", AWSSignerBase.EMPTY_BODY_SHA256); AWSSignerForAuthorizationHeader signer = new AWSSignerForAuthorizationHeader( endpointUrl, "GET", "iot", regionName); String authorization = signer.computeSignature(headers, null, // no query parameters AWSSignerBase.EMPTY_BODY_SHA256, awsAccessKey, awsSecretKey); // place the computed signature into a formatted 'Authorization' header // and call S3 headers.put("Authorization", authorization); String response = HttpUtils.invokeHttpRequest(endpointUrl, "GET", headers, null); System.out.println("--------- Response content ---------"); System.out.println(response); System.out.println("------------------------------------");
这给了我同样的错误-
--------- Request headers ---------
x-amz-content-sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Authorization: AWS4-HMAC-SHA256 Credential=fasfasfasdfsdafs/20160212/us-east-1/iot/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=3b2194051a8dde8fe617219c78c2a79b77ec92338028e9e917a74e8307f4e914
x-amz-date: 20160212T182525Z
Host: dasfsdfasdf.iot.us-east-1.amazonaws.com
--------- Response content ---------
{"message":"Credential should be scoped to correct service. ","traceId":"cd3e0d96-82fa-4da5-a4e1-b736af6c5e34"}
------------------------------------
有人可以告诉我我做错了什么吗?AWS 文档没有关于此错误的太多信息。请帮忙