我必须从S3存储桶下载数据,数据已加密,我有kms密钥来解密数据。代码在EC2实例中运行,EC2实例具有从S3读取的IAM角色。 我在this链接中看到了示例代码,但我无法读取内容。我收到以下异常
Exception in thread "main" com.amazonaws.SdkClientException: Unable to load credentials into profile [default]: AWS Access Key ID is not specified.
at com.amazonaws.auth.profile.internal.ProfileStaticCredentialsProvider.fromStaticCredentials(ProfileStaticCredentialsProvider.java:55)
at com.amazonaws.auth.profile.internal.ProfileStaticCredentialsProvider.<init>(ProfileStaticCredentialsProvider.java:40)
at com.amazonaws.auth.profile.ProfilesConfigFile.fromProfile(ProfilesConfigFile.java:207)
at com.amazonaws.auth.profile.ProfilesConfigFile.getCredentials(ProfilesConfigFile.java:160)
有人可以建议我出错的地方或者提供一些如何在没有凭据的情况下从S3存储桶中读取加密数据的指导
答案 0 :(得分:0)
我能够通过提供InstanceProfileCredentialsProvider找到解决方案.Below就是代码。
String kms_key = Constants.KMS_key;
String inputString = null;
KMSEncryptionMaterialsProvider materialProvider = new KMSEncryptionMaterialsProvider(kms_key);
AmazonS3EncryptionClient client = new AmazonS3EncryptionClient(InstanceProfileCredentialsProvider.getInstance(),
materialProvider);
S3Object downloadedObject = client.getObject(bucketName, filePath);
if (null != downloadedObject) {
inputString = convertToString(downloadedObject.getObjectContent());
}