
Forgive me if my question is basic, but I am new to AWS. I am creating a Lambda function in Java that can assume a role from another AWS account. I have created the role on the other account, created a role on this account to assume that role, and attached that role to my Lambda function. (I have tested these roles with a Lambda function written in JavaScript and it works correctly, so they should be set up properly.)

In my Lambda function's code I am trying to assume this role so that I can access some services from the other account. However, I get "profile file cannot be null", as shown in the error message, and I am not sure what that means.

import java.util.Map;

import com.amazonaws.auth.BasicSessionCredentials;
import com.amazonaws.auth.profile.ProfileCredentialsProvider;
import com.amazonaws.services.lambda.runtime.Context;
import com.amazonaws.services.lambda.runtime.RequestHandler;
import com.amazonaws.services.securitytoken.AWSSecurityTokenService;
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder;
import com.amazonaws.services.securitytoken.model.AssumeRoleRequest;
import com.amazonaws.services.securitytoken.model.AssumeRoleResult;
import com.amazonaws.services.securitytoken.model.Credentials;

public class TestHandler implements RequestHandler<Map<String, String>, String>
{
    @Override
    public String handleRequest(Map<String, String> event, Context context)
    {
        String clientRegion = "us-east-1";
        String roleARN = "ARN_OF_ROLE_ON_THIS_ACC";
        String roleSessionName = "session";

        // STS client used to call AssumeRole; its own credentials come from a ProfileCredentialsProvider
        AWSSecurityTokenService stsClient = AWSSecurityTokenServiceClientBuilder.standard()
                                                .withCredentials(new ProfileCredentialsProvider())
                                                .withRegion(clientRegion)
                                                .build();

        // Request temporary credentials for the target role
        AssumeRoleRequest roleRequest = new AssumeRoleRequest()
                                                .withRoleArn(roleARN)
                                                .withRoleSessionName(roleSessionName);
        //The line below causes the error
        AssumeRoleResult roleResponse = stsClient.assumeRole(roleRequest);
        Credentials sessionCredentials = roleResponse.getCredentials();

        // Wrap the temporary key, secret and session token so other SDK clients can use them
        BasicSessionCredentials awsCredentials = new BasicSessionCredentials(
               sessionCredentials.getAccessKeyId(),
               sessionCredentials.getSecretAccessKey(),
               sessionCredentials.getSessionToken());

        //do other stuff here
        return "done";
    }
}

Error message:

{
  "errorMessage": "profile file cannot be null",
  "errorType": "java.lang.IllegalArgumentException",
  "stackTrace": [
    "com.amazonaws.util.ValidationUtils.assertNotNull(ValidationUtils.java:37)",
    "com.amazonaws.auth.profile.ProfilesConfigFile.<init>(ProfilesConfigFile.java:142)",
    "com.amazonaws.auth.profile.ProfilesConfigFile.<init>(ProfilesConfigFile.java:133)",
    "com.amazonaws.auth.profile.ProfilesConfigFile.<init>(ProfilesConfigFile.java:100)",
    "com.amazonaws.auth.profile.ProfileCredentialsProvider.getCredentials(ProfileCredentialsProvider.java:135)",
    "com.amazonaws.http.AmazonHttpClient$RequestExecutor.getCredentialsFromContext(AmazonHttpClient.java:1257)",
    "com.amazonaws.http.AmazonHttpClient$RequestExecutor.runBeforeRequestHandlers(AmazonHttpClient.java:833)",
    "com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:783)",
    "com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:770)",
    "com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:744)",
    "com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$500(AmazonHttpClient.java:704)",
    "com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:686)",
    "com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:550)",
    "com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:530)",
    "com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.doInvoke(AWSSecurityTokenServiceClient.java:1728)",
    "com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.invoke(AWSSecurityTokenServiceClient.java:1695)",
    "com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.invoke(AWSSecurityTokenServiceClient.java:1684)",
    "com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.executeAssumeRole(AWSSecurityTokenServiceClient.java:488)",
    "com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.assumeRole(AWSSecurityTokenServiceClient.java:457)",
    "com.amazon.amazonstoresadminportallambda.handlers.TestHandler.handleRequest(TestHandler.java:80)",
    "sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)",
    "sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)",
    "sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)",
    "java.lang.reflect.Method.invoke(Method.java:498)"
  ]
}

Can anyone help me with this? Thanks in advance!


1 Answer


Your Lambda function code tries to read credentials from its environment. To do so it uses ProfileCredentialsProvider, which apparently assumes there is a ~/.aws/credentials file, and that file does not exist.

Try DefaultAWSCredentialsProviderChain, which should read credentials from more locations (environment variables, the credentials file, EC2 IAM roles, the Lambda IAM role, etc.):

AWSSecurityTokenService stsClient = 
    AWSSecurityTokenServiceClientBuilder.standard()
                                        .withCredentials(new DefaultAWSCredentialsProviderChain())
                                        .withRegion(clientRegion)
                                        .build();
answered 2021-06-30T15:48:50.153
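To show the whole cross-account flow end to end, here is an added example handler (not code from the question or the answer) that uses DefaultAWSCredentialsProviderChain for the Lambda's own execution-role credentials, then hands the AssumeRole call to the SDK v1 STSAssumeRoleSessionCredentialsProvider, which refreshes the temporary credentials before they expire, and finally builds an S3 client in the other account with them. The package name, the class name CrossAccountHandler, the target role ARN placeholder, the use of S3 as the "other service", and the 900-second session duration are all assumptions made for this example.

```java
package example; // hypothetical package, chosen for this example

import java.util.Map;

import com.amazonaws.auth.AWSCredentialsProvider;
import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
import com.amazonaws.auth.STSAssumeRoleSessionCredentialsProvider;
import com.amazonaws.services.lambda.runtime.Context;
import com.amazonaws.services.lambda.runtime.RequestHandler;
import com.amazonaws.services.s3.AmazonS3;
import com.amazonaws.services.s3.AmazonS3ClientBuilder;
import com.amazonaws.services.securitytoken.AWSSecurityTokenService;
import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder;

public class CrossAccountHandler implements RequestHandler<Map<String, String>, String> {

    private static final String CLIENT_REGION = "us-east-1";

    // Placeholder: ARN of the role in the *other* account that this function's
    // execution role is trusted to assume. Replace before deploying.
    private static final String TARGET_ROLE_ARN =
            "arn:aws:iam::TARGET_ACCOUNT_ID:role/TARGET_ROLE_NAME";

    @Override
    public String handleRequest(Map<String, String> event, Context context) {
        // 1. Credentials of the Lambda's own execution role. The default chain looks in
        //    environment variables (where the Lambda runtime exposes them), the profile
        //    file, and instance/container metadata, so it succeeds inside Lambda where a
        //    bare ProfileCredentialsProvider fails with "profile file cannot be null".
        AWSCredentialsProvider executionRoleCreds = new DefaultAWSCredentialsProviderChain();

        AWSSecurityTokenService sts = AWSSecurityTokenServiceClientBuilder.standard()
                .withCredentials(executionRoleCreds)
                .withRegion(CLIENT_REGION)
                .build();

        // 2. A provider that calls AssumeRole on first use and re-assumes before expiry.
        //    A session name tied to the request id makes the assumed-role activity
        //    attributable in the target account's CloudTrail logs.
        String sessionName = "lambda-" + context.getAwsRequestId();
        AWSCredentialsProvider assumedRoleCreds =
                new STSAssumeRoleSessionCredentialsProvider.Builder(TARGET_ROLE_ARN, sessionName)
                        .withStsClient(sts)
                        .withRoleSessionDurationSeconds(900) // shortest allowed; scope to the job
                        .build();

        // 3. Build a client for a service in the other account using the assumed-role
        //    credentials. S3 is an assumed stand-in for "some services" in the question.
        AmazonS3 s3 = AmazonS3ClientBuilder.standard()
                .withCredentials(assumedRoleCreds)
                .withRegion(CLIENT_REGION)
                .build();

        return "Buckets visible to the assumed role: " + s3.listBuckets().size();
    }
}
```

Two checks worth keeping in mind when wiring this up: the function's execution role needs sts:AssumeRole on TARGET_ROLE_ARN, and the target role's trust policy must name that execution role as a principal; either one missing produces an AccessDenied from STS rather than the IllegalArgumentException shown in the question, which is how you tell a credential-resolution problem apart from a permissions problem.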