尝试从EC2访问AWS S3时,为什么会出现403错误

时间:2015-11-09 15:57:13

标签: amazon-web-services amazon-s3 amazon-ec2 spring-boot

我想使用Spring Cloud AWS从Spring Boot应用程序访问S3。我对桌面的访问权限很好,但是当我将应用程序捆绑为WAR文件并部署到EC2 Tomcat容器时,我得到403例外:

Caused by: com.amazonaws.services.s3.model.AmazonS3Exception: Forbidden (Service: Amazon S3; Status Code: 403; Error Code: 403 Forbidden; Request ID: 4F0EBE3A853C6D99)
    at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:1078) ~[aws-java-sdk-core-1.9.27.jar:na]
    at com.amazonaws.http.AmazonHttpClient.executeOneRequest(AmazonHttpClient.java:726) ~[aws-java-sdk-core-1.9.27.jar:na]
    at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:461) ~[aws-java-sdk-core-1.9.27.jar:na]
    at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:296) ~[aws-java-sdk-core-1.9.27.jar:na]
    at com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:3737) ~[aws-java-sdk-s3-1.9.27.jar:na]
    at com.amazonaws.services.s3.AmazonS3Client.getObjectMetadata(AmazonS3Client.java:1028) ~[aws-java-sdk-s3-1.9.27.jar:na]
    at org.springframework.cloud.aws.core.io.s3.SimpleStorageResource.getObjectMetadata(SimpleStorageResource.java:182) ~[spring-cloud-aws-core-1.0.2.RELEASE.jar:1.0.2.RELEASE]
    at org.springframework.cloud.aws.core.io.s3.SimpleStorageResource.exists(SimpleStorageResource.java:112) ~[spring-cloud-aws-core-1.0.2.RELEASE.jar:1.0.2.RELEASE]

我有application.yml我在其中定义了对AWS的访问权限:

cloud:
    aws:
        region:
            static: eu-west-1
            auto: false
        credentials:
            accessKey: myaccesskey
            secretKey: somereallylongkeyhere
            instanceProfile: true

这在我的桌面上工作正常。我需要做些什么来使这项工作?我试过在S3中看到我可以看到的每个许可,但我似乎无法解决这个问题。

1 个答案:

答案 0 :(得分:0)

我有一个类似的问题,罪魁祸首是一个过时的系统时钟。 EC2实例有时会漂移,IAM API对它非常敏感。相关信息可在此处找到:https://github.com/boto/boto/issues/2885