错误"请求中包含的安全令牌无效"来自AWS Client

时间:2015-10-21 18:02:53

标签: scala amazon-web-services amazon-dynamodb amazon-cloudwatch amazon-kinesis

您好我使用Kinesis作为我的数据缓冲区,我在下面收到此错误,表示我的访问密钥无效。我试图谷歌周围,其他发布的答案建议将访问密钥更改为正确的。

但是我的情况有点特别,这个错误在运行时出现,这意味着当我的应用程序启动时访问密钥是正确的,但是在运行一段时间之后,访问密钥突然无效。

我怀疑" AmazonCloudWatch"和#34; AmazonDynamoDBv2"服务客户端库导致问题?或者我的方式来创建" AmazonKinesisClient"不正确吗?

我未授权在AWS论坛上发布这两项服务的线程,所以我在此发布。非常感谢你。

用于启动AmazonKinesisClient的Scala代码:

  val awsCredentialsProvider = new DefaultAWSCredentialsProviderChain()
  val kinesisClient = new AmazonKinesisClient(awsCredentialsProvider)

错误消息:

15/10/21 17:05:48 INFO CWPublisherRunnable: Successfully published 20 datums.
15/10/21 17:05:49 INFO CWPublisherRunnable: Successfully published 3 datums.
15/10/21 17:05:59 INFO CWPublisherRunnable: Successfully published 18 datums.
15/10/21 17:06:00 INFO BlockManager: Removing RDD 115350
15/10/21 17:06:00 INFO BlockManager: Removing RDD 115349
15/10/21 17:06:00 INFO BlockManager: Removing RDD 115348
15/10/21 17:06:00 INFO MemoryStore: ensureFreeSpace(3016) called with curMem=40094, maxMem=186832650
15/10/21 17:06:00 INFO MemoryStore: Block input-0-1445447160600 stored as values in memory (estimated size 2.9 KB, free 178.1 MB)
15/10/21 17:06:00 INFO BlockGenerator: Pushed block input-0-1445447160600
15/10/21 17:06:05 INFO MemoryStore: ensureFreeSpace(2792) called with curMem=43110, maxMem=186832650
15/10/21 17:06:05 INFO MemoryStore: Block input-0-1445447165600 stored as values in memory (estimated size 2.7 KB, free 178.1 MB)
15/10/21 17:06:05 INFO BlockGenerator: Pushed block input-0-1445447165600
15/10/21 17:06:09 INFO CWPublisherRunnable: Successfully published 20 datums.
15/10/21 17:06:09 INFO CWPublisherRunnable: Successfully published 5 datums.
15/10/21 17:06:12 INFO Worker: Current stream shard assignments: shardId-000000000001, shardId-000000000000
15/10/21 17:06:12 INFO Worker: Sleeping ...
15/10/21 17:06:18 INFO BlockManager: Removing RDD 115354
15/10/21 17:06:18 INFO BlockManager: Removing RDD 115353
15/10/21 17:06:18 INFO BlockManager: Removing RDD 115352
15/10/21 17:06:19 INFO CWPublisherRunnable: Successfully published 18 datums.
15/10/21 17:06:21 INFO MemoryStore: ensureFreeSpace(2536) called with curMem=45902, maxMem=186832650
15/10/21 17:06:21 INFO MemoryStore: Block input-0-1445447181600 stored as values in memory (estimated size 2.5 KB, free 178.1 MB)
15/10/21 17:06:21 INFO BlockGenerator: Pushed block input-0-1445447181600
15/10/21 17:06:29 INFO CWPublisherRunnable: Successfully published 20 datums.
15/10/21 17:06:30 WARN CWPublisherRunnable: Could not publish 5 datums to CloudWatch
com.amazonaws.AmazonServiceException: The security token included in the request is invalid. (Service: AmazonCloudWatch; Status Code: 403; Error Code: InvalidClientTokenId; Request ID: 12560958-7816-11e5-8781-e3e348826d8f)
    at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:886)
    at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:484)
    at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:256)
    at com.amazonaws.services.cloudwatch.AmazonCloudWatchClient.invoke(AmazonCloudWatchClient.java:883)
    at com.amazonaws.services.cloudwatch.AmazonCloudWatchClient.putMetricData(AmazonCloudWatchClient.java:354)
    at com.amazonaws.services.kinesis.metrics.impl.DefaultCWMetricsPublisher.publishMetrics(DefaultCWMetricsPublisher.java:63)
    at com.amazonaws.services.kinesis.metrics.impl.CWPublisherRunnable.runOnce(CWPublisherRunnable.java:129)
    at com.amazonaws.services.kinesis.metrics.impl.CWPublisherRunnable.run(CWPublisherRunnable.java:75)
    at java.lang.Thread.run(Thread.java:744)
15/10/21 17:06:31 ERROR LeaseCoordinator: LeasingException encountered in lease renewing thread
com.amazonaws.services.kinesis.leases.exceptions.DependencyException: com.amazonaws.AmazonServiceException: The security token included in the request is invalid. (Service: AmazonDynamoDBv2; Status Code: 400; Error Code: UnrecognizedClientException; Request ID: P76PVB575SQUA5QPDTD4BSDDTJVV4KQNSO5AEMVJF66Q9ASUAAJG)
    at com.amazonaws.services.kinesis.leases.impl.LeaseManager.convertAndRethrowExceptions(LeaseManager.java:557)
    at com.amazonaws.services.kinesis.leases.impl.LeaseManager.renewLease(LeaseManager.java:371)
    at com.amazonaws.services.kinesis.leases.impl.LeaseRenewer.renewLease(LeaseRenewer.java:102)
    at com.amazonaws.services.kinesis.leases.impl.LeaseRenewer.renewLeases(LeaseRenewer.java:83)
    at com.amazonaws.services.kinesis.leases.impl.LeaseCoordinator.runRenewer(LeaseCoordinator.java:194)
    at com.amazonaws.services.kinesis.leases.impl.LeaseCoordinator$RenewerRunnable.run(LeaseCoordinator.java:130)
    at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
    at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:304)
    at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:178)
    at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:744)
Caused by: com.amazonaws.AmazonServiceException: The security token included in the request is invalid. (Service: AmazonDynamoDBv2; Status Code: 400; Error Code: UnrecognizedClientException; Request ID: P76PVB575SQUA5QPDTD4BSDDTJVV4KQNSO5AEMVJF66Q9ASUAAJG)
    at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:886)
    at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:484)
    at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:256)
    at com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient.invoke(AmazonDynamoDBClient.java:2908)
    at com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient.updateItem(AmazonDynamoDBClient.java:1256)
    at com.amazonaws.services.kinesis.leases.impl.LeaseManager.renewLease(LeaseManager.java:362)
    ... 11 more

1 个答案:

答案 0 :(得分:1)

这是因为凭据轮换,有时您尝试使用刚刚过期的凭据访问kinesis。

亚马逊建议的解决方案是在到期前5分钟刷新凭据。更多细节https://aws.amazon.com/premiumsupport/knowledge-center/security-token-expired/