0

我正在尝试在 AWS-SDK v2 中为 Javascript 设置临时凭证:

const aws = require('aws-sdk')

aws.config = new aws.Config({
  credentials: new aws.ChainableTemporaryCredentials({
    params: {
      RoleArn: roleArn, // Defined earlier
      RoleSessionName: sessionName, // Defined earlier
      DurationSeconds: 15 * 60
    },
    masterCredentials: new aws.Credentials({
      accessKeyId: accessKeyId, // Defined earlier
      secretAccessKey: awsSecretAccessKey // Defined earlier
    })
  }),
  region: 'us-east-1',
  signatureVersion: 'v4'
})

aws.config.getCredentials(function (err) {
  if (err) console.log(err.stack)
  else console.log('Access key:', aws.config.credentials.accessKeyId)
})

但是,我不断收到以下错误,该错误在调用 getCredentials 时发生: CredentialsError: Could not load credentials from ChainableTemporaryCredentials

请注意,如果我将credentials参数设置为主凭据而不是临时凭据,则它可以正常工作,如下所示:

aws.config = new aws.Config({
  credentials: new aws.Credentials({
    accessKeyId: accessKeyId, // Defined earlier
    secretAccessKey: awsSecretAccessKey // Defined earlier
  }),
  region: 'us-east-1',
  signatureVersion: 'v4'
})

有谁知道是什么导致了这个问题?这是我引用的文档: https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/Config.html https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/Credentials.html https ://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/ChainableTemporaryCredentials.html

4

1 回答 1

0

我终于能够找出这个错误的原因。

是什么让我找出错误的原因是当我打印出完整的错误而不是最近的错误时。错误的属性之一是:

originalError: {
          message: 'The request signature we calculated does not match the signature you provided. Check your AWS Secret Access Key and signing method. Consult the service documentation for details.',
          code: 'SignatureDoesNotMatch',
          time: 2021-12-11T19:49:52.395Z,
          requestId: '402e4c32-7989-4287-a6a9-628bfc93f60f',
          statusCode: 403,
          retryable: false,
          retryDelay: 39.60145242362791
        }

所以我意识到问题是我提供的硕士证书不正确!

实际上,我一直都知道这些凭据不正确,但出于单元测试的目的,只要我不提供临时凭据,这些不正确的凭据似乎就可以正常工作。但现在我知道,getCredentials如果您使用临时凭证,该函数会使用 AWS 验证凭证,但使用主凭证时不会使用 AWS 进行验证。这解释了我看到的奇怪行为。

于 2021-12-13T17:35:26.753 回答