我正在尝试刷新AWS FileGateway上的缓存。我已经使用这样的AWSStorageGatewayClientBuilder对象构建了 AWSStorageGateway -
AWSStorageGateway awsStorageGateway = AWSStorageGatewayClientBuilder.standard()
.withRegion(region)
.withCredentials(new AWSStaticCredentialsProvider(credentials))
.build();
另外,我正在使用它来构建 ARN -
RefreshCacheRequest refreshCacheRequest = new RefreshCacheRequest();
refreshCacheRequest.setFileShareARN("arn:aws:storagegateway:"+region+":"+awsId+":"+shareID);
ARN 的格式为,
arn:aws:storagegateway:region:account-id:share/share-id
最后,我像这样刷新缓存 0
awsStorageGateway.refreshCache(refreshCacheRequest);
我得到了这个例外 -
com.amazonaws.services.storagegateway.model.AWSStorageGatewayException: User: arn:aws:iam::12345:user/system/func-user is not authorized to perform: storagegateway:RefreshCache on resource: arn:aws:storagegateway:region:account-id:share-id (Service: AWSStorageGateway; Status Code: 400; Error Code: AccessDeniedException; Request ID:request ID)
我在这里错过了什么吗?
我很确定我拥有的 IAM 访问密钥具有优势。
PS - 我给出的 account-id 是 IAM 的访问密钥