我想使用Spring Cloud AWS从Spring Boot应用程序访问S3。我对桌面的访问权限很好,但是当我将应用程序捆绑为WAR文件并部署到EC2 Tomcat容器时,我得到403例外:
Caused by: com.amazonaws.services.s3.model.AmazonS3Exception: Forbidden (Service: Amazon S3; Status Code: 403; Error Code: 403 Forbidden; Request ID: 4F0EBE3A853C6D99)
at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:1078) ~[aws-java-sdk-core-1.9.27.jar:na]
at com.amazonaws.http.AmazonHttpClient.executeOneRequest(AmazonHttpClient.java:726) ~[aws-java-sdk-core-1.9.27.jar:na]
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:461) ~[aws-java-sdk-core-1.9.27.jar:na]
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:296) ~[aws-java-sdk-core-1.9.27.jar:na]
at com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:3737) ~[aws-java-sdk-s3-1.9.27.jar:na]
at com.amazonaws.services.s3.AmazonS3Client.getObjectMetadata(AmazonS3Client.java:1028) ~[aws-java-sdk-s3-1.9.27.jar:na]
at org.springframework.cloud.aws.core.io.s3.SimpleStorageResource.getObjectMetadata(SimpleStorageResource.java:182) ~[spring-cloud-aws-core-1.0.2.RELEASE.jar:1.0.2.RELEASE]
at org.springframework.cloud.aws.core.io.s3.SimpleStorageResource.exists(SimpleStorageResource.java:112) ~[spring-cloud-aws-core-1.0.2.RELEASE.jar:1.0.2.RELEASE]
我有application.yml我在其中定义了对AWS的访问权限:
cloud:
aws:
region:
static: eu-west-1
auto: false
credentials:
accessKey: myaccesskey
secretKey: somereallylongkeyhere
instanceProfile: true
这在我的桌面上工作正常。我需要做些什么来使这项工作?我试过在S3中看到我可以看到的每个许可,但我似乎无法解决这个问题。
答案 0 :(得分:0)
我有一个类似的问题,罪魁祸首是一个过时的系统时钟。 EC2实例有时会漂移,IAM API对它非常敏感。相关信息可在此处找到:https://github.com/boto/boto/issues/2885。