由于我想从AWS s3存储桶中获取图像,但在获取图像时我遇到了这个问题
列出com.amazonaws.AmazonServiceException时发现异常: 未授权执行sts:AssumeRoleWithWebIdentity(服务: AWSSecurityTokenService;状态代码:403;错误代码:AccessDenied; 收文子ID:1611666a-694c-11e8-8fd4-73b0ac2fc630)
我创建了身份池并在我的代码中提供了这些信用卡,并且已经有Web团队创建了存储桶并添加了策略, 我在IM ROLE中以信任关系添加了相同的存储桶名称。
public class SampleAws extends AppCompatActivity {
AmazonS3 s3Client;
String bucket = "I added bucket name in code";
TransferUtility transferUtility;
List<String> listing;
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.sampleaws);
// callback method to call credentialsProvider method.
s3credentialsProvider();
// callback method to call the setTransferUtility method
setTransferUtility();
}
public void s3credentialsProvider(){
// Initialize the AWS Credential
CognitoCachingCredentialsProvider cognitoCachingCredentialsProvider =
new CognitoCachingCredentialsProvider(
getApplicationContext(),
"added account number",
"added identity pool id",
"added unauth rolearn",
"added auth role arn"
"added region"
);
createAmazonS3Client(cognitoCachingCredentialsProvider);
}
/**
* Create a AmazonS3Client constructor and pass the credentialsProvider.
* @param credentialsProvider
*/
public void createAmazonS3Client(CognitoCachingCredentialsProvider
credentialsProvider){
// Create an S3 client
s3Client = new AmazonS3Client(credentialsProvider);
// Set the region of your S3 bucket
s3Client.setRegion(Region.getRegion(Regions.AP_SOUTH_1));
}
public void setTransferUtility(){
transferUtility = new TransferUtility(s3Client, getApplicationContext());
}
public void fetchFileFromS3(View view){
// Get List of files from S3 Bucket
Thread thread = new Thread(new Runnable(){
@Override
public void run() {
Log.d("run","inside run ");
try {
Looper.prepare();
listing = getObjectNamesForBucket(bucket, s3Client);
for (int i=0; i< listing.size(); i++){
Toast.makeText(SampleAws.this, listing.get(i),Toast.LENGTH_LONG).show();
}
Looper.loop();
// Log.e("tag", "listing "+ listing);
}
catch (Exception e) {
e.printStackTrace();
Log.e("tag", "Exception found while listing "+ e);
}
}
});
thread.start();
}
/**
* @desc This method is used to return list of files name from S3 Bucket
* @param bucket
* @param s3Client
* @return object with list of files
*/
private List<String> getObjectNamesForBucket(String bucket, AmazonS3 s3Client) {
ObjectListing objects=s3Client.listObjects(bucket);
List<String> objectNames=new ArrayList<String>(objects.getObjectSummaries().size());
Iterator<S3ObjectSummary> iterator=objects.getObjectSummaries().iterator();
while (iterator.hasNext()) {
objectNames.add(iterator.next().getKey());
}
while (objects.isTruncated()) {
objects=s3Client.listNextBatchOfObjects(objects);
iterator=objects.getObjectSummaries().iterator();
while (iterator.hasNext()) {
objectNames.add(iterator.next().getKey());
}
}
return objectNames;
}
/**
* This is listener method of the TransferObserver
* Within this listener method, we get status of uploading and downloading file,
* to display percentage of the part of file to be uploaded or downloaded to S3
* It displays an error, when there is a problem in uploading or downloading file to or from S3.
* @param transferObserver
*/
public void transferObserverListener(TransferObserver transferObserver){
transferObserver.setTransferListener(new TransferListener(){
@Override
public void onStateChanged(int id, TransferState state) {
Toast.makeText(getApplicationContext(), "State Change"
+ state, Toast.LENGTH_SHORT).show();
}
@Override
public void onProgressChanged(int id, long bytesCurrent, long bytesTotal) {
int percentage = (int) (bytesCurrent/bytesTotal * 100);
Toast.makeText(getApplicationContext(), "Progress in %"
+ percentage, Toast.LENGTH_SHORT).show();
}
@Override
public void onError(int id, Exception ex) {
Log.e("error","error"+ex);
}
});
}
}
注意:请帮助我解决我的问题。在网络团队中他们正在上传图片,在我的移动应用中我想要获取这些图片并且必须显示。
值得信赖的关系:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Federated": "cognito-identity.amazonaws.com"
},
"Action": "sts:AssumeRoleWithWebIdentity",
"Condition": {
"StringEquals": {
"cognito-identity.amazonaws.com:aud": "added identity pool"
},
"ForAnyValue:StringLike": {
"cognito-identity.amazonaws.com:amr": "authenticated"
}
}
}
]
}