2

我如何承担 lambda 的角色以使用 java SDK 调用 API 网关

4

1 回答 1

1

我假设您指的是 API Gateway 生成的 Java SDK。Client Builder 有一个方法public void setIamCredentials(AWSCredentialsProvider iamCredentials)。您可以将 AWSStaticCredentialsProvider 传递给该方法,该方法可以按如下方式生成:

AWSSecurityTokenService client = AWSSecurityTokenServiceClientBuilder.standard().build();
AssumeRoleRequest request = new AssumeRoleRequest().withRoleArn(iamRole)
            .withRoleSessionName(yourRoleName);

AssumeRoleResult response = client.assumeRole(request);

return new AWSStaticCredentialsProvider(
            new BasicSessionCredentials(
                    response.getCredentials().getAccessKeyId(),
                    response.getCredentials().getSecretAccessKey(),
                    response.getCredentials().getSessionToken()));

请记住,您需要在角色上设置 IAM 策略以允许其访问您的 API 网关:https ://docs.aws.amazon.com/apigateway/latest/developerguide/permissions.html

于 2019-11-04T13:50:38.073 回答