0
私はawsアカウントにユーザ名logingUserIdを持っています。私はCIサーバにアクセスプロファイルを作成して、キネシス、dynamodbなどのAWSツールに対してアプリケーションをテストできるようにしたいと思います。AssumeRoleRequestを使用してアクセスキー、秘密鍵、およびセッショントークンを生成する方法を記述しました。それは動作していないようです。aws-java-sdk aws以外の環境の一時的な資格情報を取得
it("provides temporary access to AWS") {
val assumeRoleRequest = new AssumeRoleRequest
assumeRoleRequest.setRoleArn("arn:aws:iam::" + accountId + ":role/" + roleName)
assumeRoleRequest.setRoleSessionName("test-session")
assumeRoleRequest.setExternalId(loginUserId)
val tokenService = new AWSSecurityTokenServiceClient() //
tokenService.setEndpoint("sts-endpoint.amazonaws.com")
tokenService.assumeRole(assumeRoleRequest)
val tokenRequestEvent = new GetSessionTokenRequest()
tokenRequestEvent.setDurationSeconds(7200) // optional
val tokenResponseEvent =
tokenService.getSessionToken(tokenRequestEvent)
val creds = tokenResponseEvent.getCredentials
println(creds.getAccessKeyId) //write to ~/.aws/credentials
println(creds.getSecretAccessKey) //write to ~/.aws/credentials
println(creds.getSessionToken) //write to ~/.aws/credentials
println(creds.getExpiration)
}
エラー - チェーン内の任意のプロバイダからAWSの資格情報を読み込むことができませんが
/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/bin/java -Didea.launcher.port=7541 "-Didea.launcher.bin.path=/Applications/IntelliJ IDEA.app/Contents/bin" -Dfile.encoding=UTF-8 -classpath "/Users/as18/Library/Application Support/IntelliJIdea2016.2/Scala/lib/scala-plugin-runners.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/jre/lib/charsets.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/jre/lib/deploy.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/jre/lib/ext/cldrdata.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/jre/lib/ext/dnsns.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/jre/lib/ext/jaccess.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/jre/lib/ext/jfxrt.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/jre/lib/ext/localedata.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/jre/lib/ext/nashorn.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/jre/lib/ext/sunec.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/jre/lib/ext/sunjce_provider.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/jre/lib/ext/sunpkcs11.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/jre/lib/ext/zipfs.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/jre/lib/javaws.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/jre/lib/jce.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/jre/lib/jfr.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/jre/lib/jfxswt.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/jre/lib/jsse.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/jre/lib/management-agent.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/jre/lib/plugin.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/jre/lib/resources.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/jre/lib/rt.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/lib/ant-javafx.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/lib/dt.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/lib/javafx-mx.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/lib/jconsole.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/lib/packager.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/lib/sa-jdi.jar:/Library/Java/JavaVirtualMachines/jdk1.8.0_111.jdk/Contents/Home/lib/tools.jar:/Users/as18/possibilities/programming/s2/whats-in-stream-v2/target/test-classes:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk/1.11.109/aws-java-sdk-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-pinpoint/1.11.109/aws-java-sdk-pinpoint-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/jmespath-java/1.11.109/jmespath-java-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-xray/1.11.109/aws-java-sdk-xray-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-opsworkscm/1.11.109/aws-java-sdk-opsworkscm-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-support/1.11.109/aws-java-sdk-support-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-simpledb/1.11.109/aws-java-sdk-simpledb-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-servicecatalog/1.11.109/aws-java-sdk-servicecatalog-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-servermigration/1.11.109/aws-java-sdk-servermigration-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-simpleworkflow/1.11.109/aws-java-sdk-simpleworkflow-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-storagegateway/1.11.109/aws-java-sdk-storagegateway-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-route53/1.11.109/aws-java-sdk-route53-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-s3/1.11.109/aws-java-sdk-s3-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-importexport/1.11.109/aws-java-sdk-importexport-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-sts/1.11.109/aws-java-sdk-sts-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-sqs/1.11.109/aws-java-sdk-sqs-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-rds/1.11.109/aws-java-sdk-rds-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-redshift/1.11.109/aws-java-sdk-redshift-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-elasticbeanstalk/1.11.109/aws-java-sdk-elasticbeanstalk-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-glacier/1.11.109/aws-java-sdk-glacier-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-iam/1.11.109/aws-java-sdk-iam-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-datapipeline/1.11.109/aws-java-sdk-datapipeline-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-elasticloadbalancing/1.11.109/aws-java-sdk-elasticloadbalancing-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-elasticloadbalancingv2/1.11.109/aws-java-sdk-elasticloadbalancingv2-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-emr/1.11.109/aws-java-sdk-emr-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-elasticache/1.11.109/aws-java-sdk-elasticache-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-elastictranscoder/1.11.109/aws-java-sdk-elastictranscoder-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-ec2/1.11.109/aws-java-sdk-ec2-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-dynamodb/1.11.109/aws-java-sdk-dynamodb-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-sns/1.11.109/aws-java-sdk-sns-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-budgets/1.11.109/aws-java-sdk-budgets-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-cloudtrail/1.11.109/aws-java-sdk-cloudtrail-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-cloudwatch/1.11.109/aws-java-sdk-cloudwatch-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-logs/1.11.109/aws-java-sdk-logs-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-events/1.11.109/aws-java-sdk-events-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-cognitoidentity/1.11.109/aws-java-sdk-cognitoidentity-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-cognitosync/1.11.109/aws-java-sdk-cognitosync-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-directconnect/1.11.109/aws-java-sdk-directconnect-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-cloudformation/1.11.109/aws-java-sdk-cloudformation-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-cloudfront/1.11.109/aws-java-sdk-cloudfront-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-clouddirectory/1.11.109/aws-java-sdk-clouddirectory-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-kinesis/1.11.109/aws-java-sdk-kinesis-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-opsworks/1.11.109/aws-java-sdk-opsworks-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-ses/1.11.109/aws-java-sdk-ses-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-autoscaling/1.11.109/aws-java-sdk-autoscaling-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-cloudsearch/1.11.109/aws-java-sdk-cloudsearch-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-cloudwatchmetrics/1.11.109/aws-java-sdk-cloudwatchmetrics-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-codedeploy/1.11.109/aws-java-sdk-codedeploy-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-codepipeline/1.11.109/aws-java-sdk-codepipeline-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-kms/1.11.109/aws-java-sdk-kms-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-config/1.11.109/aws-java-sdk-config-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-lambda/1.11.109/aws-java-sdk-lambda-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-ecs/1.11.109/aws-java-sdk-ecs-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-ecr/1.11.109/aws-java-sdk-ecr-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-cloudhsm/1.11.109/aws-java-sdk-cloudhsm-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-ssm/1.11.109/aws-java-sdk-ssm-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-workspaces/1.11.109/aws-java-sdk-workspaces-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-machinelearning/1.11.109/aws-java-sdk-machinelearning-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-directory/1.11.109/aws-java-sdk-directory-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-efs/1.11.109/aws-java-sdk-efs-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-codecommit/1.11.109/aws-java-sdk-codecommit-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-devicefarm/1.11.109/aws-java-sdk-devicefarm-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-elasticsearch/1.11.109/aws-java-sdk-elasticsearch-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-waf/1.11.109/aws-java-sdk-waf-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-marketplacecommerceanalytics/1.11.109/aws-java-sdk-marketplacecommerceanalytics-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-inspector/1.11.109/aws-java-sdk-inspector-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-iot/1.11.109/aws-java-sdk-iot-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-api-gateway/1.11.109/aws-java-sdk-api-gateway-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-acm/1.11.109/aws-java-sdk-acm-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-gamelift/1.11.109/aws-java-sdk-gamelift-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-dms/1.11.109/aws-java-sdk-dms-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-marketplacemeteringservice/1.11.109/aws-java-sdk-marketplacemeteringservice-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-cognitoidp/1.11.109/aws-java-sdk-cognitoidp-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-discovery/1.11.109/aws-java-sdk-discovery-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-applicationautoscaling/1.11.109/aws-java-sdk-applicationautoscaling-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-snowball/1.11.109/aws-java-sdk-snowball-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-rekognition/1.11.109/aws-java-sdk-rekognition-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-polly/1.11.109/aws-java-sdk-polly-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-lightsail/1.11.109/aws-java-sdk-lightsail-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-stepfunctions/1.11.109/aws-java-sdk-stepfunctions-1.11.109.jar:/Users/as18/.m2/repository/com/jayway/jsonpath/json-path/2.2.0/json-path-2.2.0.jar:/Users/as18/.m2/repository/org/slf4j/slf4j-api/1.7.16/slf4j-api-1.7.16.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-health/1.11.109/aws-java-sdk-health-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-costandusagereport/1.11.109/aws-java-sdk-costandusagereport-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-codebuild/1.11.109/aws-java-sdk-codebuild-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-appstream/1.11.109/aws-java-sdk-appstream-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-shield/1.11.109/aws-java-sdk-shield-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-batch/1.11.109/aws-java-sdk-batch-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-lex/1.11.109/aws-java-sdk-lex-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-mechanicalturkrequester/1.11.109/aws-java-sdk-mechanicalturkrequester-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-organizations/1.11.109/aws-java-sdk-organizations-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-workdocs/1.11.109/aws-java-sdk-workdocs-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-core/1.11.109/aws-java-sdk-core-1.11.109.jar:/Users/as18/.m2/repository/commons-logging/commons-logging/1.1.3/commons-logging-1.1.3.jar:/Users/as18/.m2/repository/org/apache/httpcomponents/httpclient/4.5.2/httpclient-4.5.2.jar:/Users/as18/.m2/repository/org/apache/httpcomponents/httpcore/4.4.4/httpcore-4.4.4.jar:/Users/as18/.m2/repository/commons-codec/commons-codec/1.9/commons-codec-1.9.jar:/Users/as18/.m2/repository/software/amazon/ion/ion-java/1.0.2/ion-java-1.0.2.jar:/Users/as18/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.6.6/jackson-databind-2.6.6.jar:/Users/as18/.m2/repository/com/fasterxml/jackson/core/jackson-annotations/2.6.0/jackson-annotations-2.6.0.jar:/Users/as18/.m2/repository/com/fasterxml/jackson/core/jackson-core/2.6.6/jackson-core-2.6.6.jar:/Users/as18/.m2/repository/com/fasterxml/jackson/dataformat/jackson-dataformat-cbor/2.6.6/jackson-dataformat-cbor-2.6.6.jar:/Users/as18/.m2/repository/joda-time/joda-time/2.8.1/joda-time-2.8.1.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-models/1.11.109/aws-java-sdk-models-1.11.109.jar:/Users/as18/.m2/repository/com/amazonaws/aws-java-sdk-swf-libraries/1.11.22/aws-java-sdk-swf-libraries-1.11.22.jar:/Users/as18/.m2/repository/org/scalatest/scalatest_2.11/3.0.1/scalatest_2.11-3.0.1.jar:/Users/as18/.m2/repository/org/scala-lang/scala-library/2.11.8/scala-library-2.11.8.jar:/Users/as18/.m2/repository/org/scalactic/scalactic_2.11/3.0.1/scalactic_2.11-3.0.1.jar:/Users/as18/.m2/repository/org/scala-lang/scala-reflect/2.11.8/scala-reflect-2.11.8.jar:/Users/as18/.m2/repository/org/scala-lang/modules/scala-xml_2.11/1.0.5/scala-xml_2.11-1.0.5.jar:/Users/as18/.m2/repository/org/scala-lang/modules/scala-parser-combinators_2.11/1.0.4/scala-parser-combinators_2.11-1.0.4.jar:/usr/local/scala-2.11.8/lib/scala-actors-2.11.0.jar:/usr/local/scala-2.11.8/lib/scala-actors-migration_2.11-1.1.0.jar:/usr/local/scala-2.11.8/lib/scala-library.jar:/usr/local/scala-2.11.8/lib/scala-parser-combinators_2.11-1.0.4.jar:/usr/local/scala-2.11.8/lib/scala-reflect.jar:/usr/local/scala-2.11.8/lib/scala-swing_2.11-1.0.2.jar:/usr/local/scala-2.11.8/lib/scala-xml_2.11-1.0.4.jar:/Applications/IntelliJ IDEA.app/Contents/lib/idea_rt.jar" com.intellij.rt.execution.application.AppMain org.jetbrains.plugins.scala.testingSupport.scalaTest.ScalaTestRunner -s creds.Test -testName "provides temporary access to AWS" -showProgressMessages true -C org.jetbrains.plugins.scala.testingSupport.scalaTest.ScalaTestReporter
Testing started at 3:20 AM ...
Unable to load AWS credentials from any provider in the chain
com.amazonaws.SdkClientException: Unable to load AWS credentials from any provider in the chain
at com.amazonaws.auth.AWSCredentialsProviderChain.getCredentials(AWSCredentialsProviderChain.java:131)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.getCredentialsFromContext(AmazonHttpClient.java:1119)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.runBeforeRequestHandlers(AmazonHttpClient.java:759)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:723)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:716)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:699)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$500(AmazonHttpClient.java:667)
at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:649)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:513)
at com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.doInvoke(AWSSecurityTokenServiceClient.java:1271)
at com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.invoke(AWSSecurityTokenServiceClient.java:1247)
at com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.executeAssumeRole(AWSSecurityTokenServiceClient.java:454)
at com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClient.assumeRole(AWSSecurityTokenServiceClient.java:431)
at creds.Test$$anonfun$1.apply$mcV$sp(Test.scala:24)
at creds.Test$$anonfun$1.apply(Test.scala:15)
at creds.Test$$anonfun$1.apply(Test.scala:15)
at org.scalatest.OutcomeOf$class.outcomeOf(OutcomeOf.scala:85)
at org.scalatest.OutcomeOf$.outcomeOf(OutcomeOf.scala:104)
at org.scalatest.Transformer.apply(Transformer.scala:22)
at org.scalatest.Transformer.apply(Transformer.scala:20)
at org.scalatest.FunSpecLike$$anon$1.apply(FunSpecLike.scala:454)
at org.scalatest.TestSuite$class.withFixture(TestSuite.scala:196)
at org.scalatest.FunSpec.withFixture(FunSpec.scala:1630)
at org.scalatest.FunSpecLike$class.invokeWithFixture$1(FunSpecLike.scala:451)
at org.scalatest.FunSpecLike$$anonfun$runTest$1.apply(FunSpecLike.scala:464)
at org.scalatest.FunSpecLike$$anonfun$runTest$1.apply(FunSpecLike.scala:464)
at org.scalatest.SuperEngine.runTestImpl(Engine.scala:289)
at org.scalatest.FunSpecLike$class.runTest(FunSpecLike.scala:464)
at org.scalatest.FunSpec.runTest(FunSpec.scala:1630)
at org.scalatest.FunSpecLike$$anonfun$runTests$1.apply(FunSpecLike.scala:497)
at org.scalatest.FunSpecLike$$anonfun$runTests$1.apply(FunSpecLike.scala:497)
at org.scalatest.SuperEngine$$anonfun$traverseSubNodes$1$1.apply(Engine.scala:396)
at org.scalatest.SuperEngine$$anonfun$traverseSubNodes$1$1.apply(Engine.scala:384)
at scala.collection.immutable.List.foreach(List.scala:381)
at org.scalatest.SuperEngine.traverseSubNodes$1(Engine.scala:384)
at org.scalatest.SuperEngine.org$scalatest$SuperEngine$$runTestsInBranch(Engine.scala:379)
at org.scalatest.SuperEngine.runTestsImpl(Engine.scala:461)
at org.scalatest.FunSpecLike$class.runTests(FunSpecLike.scala:497)
at org.scalatest.FunSpec.runTests(FunSpec.scala:1630)
at org.scalatest.Suite$class.run(Suite.scala:1147)
at org.scalatest.FunSpec.org$scalatest$FunSpecLike$$super$run(FunSpec.scala:1630)
at org.scalatest.FunSpecLike$$anonfun$run$1.apply(FunSpecLike.scala:501)
at org.scalatest.FunSpecLike$$anonfun$run$1.apply(FunSpecLike.scala:501)
at org.scalatest.SuperEngine.runImpl(Engine.scala:521)
at org.scalatest.FunSpecLike$class.run(FunSpecLike.scala:501)
at org.scalatest.FunSpec.run(FunSpec.scala:1630)
at org.scalatest.tools.SuiteRunner.run(SuiteRunner.scala:45)
at org.scalatest.tools.Runner$$anonfun$doRunRunRunDaDoRunRun$1.apply(Runner.scala:1340)
at org.scalatest.tools.Runner$$anonfun$doRunRunRunDaDoRunRun$1.apply(Runner.scala:1334)
at scala.collection.immutable.List.foreach(List.scala:381)
at org.scalatest.tools.Runner$.doRunRunRunDaDoRunRun(Runner.scala:1334)
at org.scalatest.tools.Runner$$anonfun$runOptionallyWithPassFailReporter$2.apply(Runner.scala:1011)
at org.scalatest.tools.Runner$$anonfun$runOptionallyWithPassFailReporter$2.apply(Runner.scala:1010)
at org.scalatest.tools.Runner$.withClassLoaderAndDispatchReporter(Runner.scala:1500)
at org.scalatest.tools.Runner$.runOptionallyWithPassFailReporter(Runner.scala:1010)
at org.scalatest.tools.Runner$.run(Runner.scala:850)
at org.scalatest.tools.Runner.run(Runner.scala)
at org.jetbrains.plugins.scala.testingSupport.scalaTest.ScalaTestRunner.runScalaTest2(ScalaTestRunner.java:138)
at org.jetbrains.plugins.scala.testingSupport.scalaTest.ScalaTestRunner.main(ScalaTestRunner.java:28)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at com.intellij.rt.execution.application.AppMain.main(AppMain.java:147)
はAssumeRoleRequestより理にかなっている、あまりにもAssumeRoleWithWebIdentityRequestを使用してみました。しかし、同じUnloadをロードすると、credsエラーがロードされます。
it("provides temporary access to AWS") {
val identityRequest = new AssumeRoleWithWebIdentityRequest()
identityRequest.setRoleArn("arn:aws:iam::" + accountId + ":role/" + roleName)
//identityRequest.setWebIdentityToken(loginUserId) //I dont know what is it
identityRequest.setRoleSessionName(loginUserId)
val tokenService = new AWSSecurityTokenServiceClient()
tokenService.setEndpoint("sts-endpoint.amazonaws.com")
val creds = tokenService.assumeRoleWithWebIdentity(identityRequest).getCredentials
println(creds.getAccessKeyId)
println(creds.getSecretAccessKey)
println(creds.getSessionToken)
println(creds.getExpiration)
}
要求のは、送信は、resourcePathがnullある
POST null/Parameters: ({"Action":["AssumeRoleWithWebIdentity"],"Version":["2011-06-15"],"RoleArn":["arn:aws:iam::accountId:role/roleName"],"RoleSessionName":["loginUserId"]}
で、なぜ知りませんか?
私はaws-java-sdk 1.11
<dependency>
<groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk</artifactId>
<version>1.11.109</version>
<scope>compile</scope>
</dependency>
On terminalを使用しています、私が持っていないプロファイルを要求します。私が持っているのはawsアカウントのユーザー名とパスワードだけです。
$ aws sts assume-role --role-arn arn:aws:iam::someAccount:role/rolenNameForMe --role-session-name "RoleSession1" > assume-role-output.txt
Unable to locate credentials. You can configure credentials by running "aws configure".
私はUIのユーザーのページをチェックすると、私はあなたがAWSサービスへの呼び出しを行うと、あなたはあなたが誰であるかを識別するための資格情報を提供しなければならないアクセス
User: arn:aws:sts::accountId:assumed-role/roleName/loginUserId is not authorized to perform: iam:ListUsers on resource: arn:aws:iam::accountId:user/
1)質問は非aws環境です2)私はUIから示唆しているようにアクセスキーを作成できないawsへのアクセスが制限されています。 3)私はなぜ、非awsで私の 'loginUserId'と' loginPassword'で一時的な信用を要求する方法があるのでしょうか? – prayagupd
外部IDプロバイダ(Facebookなど)に対して最初に認証する必要があるため、['AssumeRoleWithWebIdentity'](http:// docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRoleWithWebIdentity.html') 、Google)、役割を引き受けることが許されます。 –
あなたがその質問を見るなら、私が使っていることは何ですか。私の混乱は、「IdentityToken」と「RoleSessionName」という言葉にあります。私はそれのための価値がないので、外部のプロバイダを使用しないでください。 'RoleSessionName'の場合は、'通常、アプリケーションを使用しているユーザに関連付けられている名前または識別子を渡します.'だから、私はloginUserName自体を渡します。 – prayagupd