AWS:无法找到凭证错误

时间:2018-07-06 16:59:24

标签: c# amazon-web-services amazon-s3 aws-sdk

我有ASP.NET Core 2应用程序。我已经在appsettings.json

中配置了AWS

如下所示

"AWS": {
    "Profile": "default",
    "ProfilesLocation": "D:\\_profiles\\awsprofile"
  }

我确保该位置的awsprofile文件可用,并提供以下信息

[default]
aws_access_key_id = XXXXXX
aws_secret_access_key = XXXXXXXXXXX

然后我尝试创建如下所示的S3Client实例

    var regionEndPoint = RegionEndpoint.GetBySystemName("us-west-1");                                
    var client = new AmazonS3Client(regionEndPoint));

但是,我遇到异常Unable to find the 'default' profile in CredentialProfileStoreChain.

  

应用程序启动异常:Amazon.Runtime.AmazonServiceException:   找不到凭据

     

异常1之3:Amazon.Runtime.AmazonClientException:无法找到   CredentialProfileStoreChain中的“默认”配置文件。在   Amazon.Runtime.FallbackCredentialsFactory.GetAWSCredentials(ICredentialProfileSource   来源)   Amazon.Runtime.FallbackCredentialsFactory.GetCredentials(布尔   fallbackToAnonymous)

     

异常2之3:System.InvalidOperationException:环境   变量AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY / AWS_SESSION_TOKEN   没有使用AWS凭证设置。在   Amazon.Runtime.EnvironmentVariablesAWSCredentials.FetchCredentials()
  在Amazon.Runtime.EnvironmentVariablesAWSCredentials..ctor()处   Amazon.Runtime.FallbackCredentialsFactory。<> c.b__9_1()在   Amazon.Runtime.FallbackCredentialsFactory.GetCredentials(布尔   fallbackToAnonymous)

     

3之3的异常:System.Net.Http.HttpRequestException:响应   状态代码不表示成功:404(未找到)。在   System.Net.Http.HttpResponseMessage.EnsureSuccessStatusCode()在   System.Net.Http.HttpClient.d__27.MoveNext()   ---从上一个引发异常的位置开始的堆栈跟踪-   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()在   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(任务   任务)   Amazon.Runtime.Internal.Util.AsyncHelpers。<> c__DisplayClass1_1 1.<<RunSync>b__0>d.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at Amazon.Runtime.Internal.Util.AsyncHelpers.ExclusiveSynchronizationContext.BeginMessageLoop() at Amazon.Runtime.Internal.Util.AsyncHelpers.RunSync[T](Func 1任务)
  在Amazon.Util.AWSSDKUtils.DownloadStringContent(Uri uri,TimeSpan   超时)   Amazon.Runtime.URIBasedRefreshingCredentialHelper.GetContents(乌里uri)   在   Amazon.Runtime.InstanceProfileAWSCredentials.d__10.MoveNext()   在Amazon.Runtime.InstanceProfileAWSCredentials.GetFirstRole()在   Amazon.Runtime.FallbackCredentialsFactory.ECSEC2CredentialsWrapper()
  在Amazon.Runtime.FallbackCredentialsFactory.GetCredentials(布尔   fallbackToAnonymous)

     Amazon.Runtime.FallbackCredentialsFactory.GetCredentials(布尔值   fallbackToAnonymous),位于XXXXXXXXXXXXXXXXXXXX.cs:第30行   Api.Startup.ConfigureServices(IServiceCollection服务)在   D:\ Jenkins \ XXXXXXXXXXXXXXXXXXXX \ Src \ Api \ Startup.cs:第75行   ---从上一个引发异常的位置开始的堆栈跟踪-   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()在   Microsoft.AspNetCore.Hosting.ConventionBasedStartup.ConfigureServices(IServiceCollection   服务)   Microsoft.AspNetCore.Hosting.Internal.WebHost.EnsureApplicationServices()   在Microsoft.AspNetCore.Hosting.Internal.WebHost.BuildApplication()   爆击:Microsoft.AspNetCore.Hosting.Internal.WebHost [6]         应用程序启动异常Amazon.Runtime.AmazonServiceException:无法找到凭证

     

异常1之3:Amazon.Runtime.AmazonClientException:无法找到   CredentialProfileStoreChain中的“默认”配置文件。在   Amazon.Runtime.FallbackCredentialsFactory.GetAWSCredentials(ICredentialProfileSource   来源)   Amazon.Runtime.FallbackCredentialsFactory.GetCredentials(布尔   fallbackToAnonymous)

     

异常2之3:System.InvalidOperationException:环境   变量AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY / AWS_SESSION_TOKEN   没有使用AWS凭证设置。在   Amazon.Runtime.EnvironmentVariablesAWSCredentials.FetchCredentials()
  在Amazon.Runtime.EnvironmentVariablesAWSCredentials..ctor()处   Amazon.Runtime.FallbackCredentialsFactory。<> c.b__9_1()在   Amazon.Runtime.FallbackCredentialsFactory.GetCredentials(布尔   fallbackToAnonymous)

     

3之3的异常:System.Net.Http.HttpRequestException:响应   状态代码不表示成功:404(未找到)。在   System.Net.Http.HttpResponseMessage.EnsureSuccessStatusCode()在   System.Net.Http.HttpClient.d__27.MoveNext()   ---从上一个引发异常的位置开始的堆栈跟踪-   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()在   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(任务   任务)   Amazon.Runtime.Internal.Util.AsyncHelpers。<> c__DisplayClass1_1 1.<<RunSync>b__0>d.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at Amazon.Runtime.Internal.Util.AsyncHelpers.ExclusiveSynchronizationContext.BeginMessageLoop() at Amazon.Runtime.Internal.Util.AsyncHelpers.RunSync[T](Func 1任务)
  在Amazon.Util.AWSSDKUtils.DownloadStringContent(Uri uri,TimeSpan   超时)   Amazon.Runtime.URIBasedRefreshingCredentialHelper.GetContents(乌里uri)   在   Amazon.Runtime.InstanceProfileAWSCredentials.d__10.MoveNext()   在Amazon.Runtime.InstanceProfileAWSCredentials.GetFirstRole()在   Amazon.Runtime.FallbackCredentialsFactory.ECSEC2CredentialsWrapper()
  在Amazon.Runtime.FallbackCredentialsFactory.GetCredentials(布尔   fallbackToAnonymous)

     Amazon.Runtime.FallbackCredentialsFactory.GetCredentials(布尔值   在XXXXXXXXXXXXXXXXXXXX:fallbackToAnonymous):第30行   Api.Startup.ConfigureServices(IServiceCollection服务)在   D:\ Jenkins \ XXXXXXXXXXXXXXXXXXXX \ Startup.cs:第75行   ---从上一个引发异常的位置开始的堆栈跟踪-   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()在   Microsoft.AspNetCore.Hosting.ConventionBasedStartup.ConfigureServices(IServiceCollection   服务)   Microsoft.AspNetCore.Hosting.Internal.WebHost.EnsureApplicationServices()   在Microsoft.AspNetCore.Hosting.Internal.WebHost.BuildApplication()

     

未处理的异常:Amazon.Runtime.AmazonServiceException:无法执行   查找凭据

     

异常1之3:Amazon.Runtime.AmazonClientException:无法找到   CredentialProfileStoreChain中的“默认”配置文件。在   Amazon.Runtime.FallbackCredentialsFactory.GetAWSCredentials(ICredentialProfileSource   来源)   Amazon.Runtime.FallbackCredentialsFactory.GetCredentials(布尔   fallbackToAnonymous)

     

异常2之3:System.InvalidOperationException:环境   变量AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY / AWS_SESSION_TOKEN   没有使用AWS凭证设置。在   Amazon.Runtime.EnvironmentVariablesAWSCredentials.FetchCredentials()
  在Amazon.Runtime.EnvironmentVariablesAWSCredentials..ctor()处   Amazon.Runtime.FallbackCredentialsFactory。<> c.b__9_1()在   Amazon.Runtime.FallbackCredentialsFactory.GetCredentials(布尔   fallbackToAnonymous)

     

3之3的异常:System.Net.Http.HttpRequestException:响应   状态代码不表示成功:404(未找到)。在   System.Net.Http.HttpResponseMessage.EnsureSuccessStatusCode()在   System.Net.Http.HttpClient.d__27.MoveNext()   ---从上一个引发异常的位置开始的堆栈跟踪-   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()在   System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(任务   任务)   Amazon.Runtime.Internal.Util.AsyncHelpers。<> c__DisplayClass1_1 1.<<RunSync>b__0>d.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at Amazon.Runtime.Internal.Util.AsyncHelpers.ExclusiveSynchronizationContext.BeginMessageLoop() at Amazon.Runtime.Internal.Util.AsyncHelpers.RunSync[T](Func 1任务)
  在Amazon.Util.AWSSDKUtils.DownloadStringContent(Uri uri,TimeSpan   超时)   Amazon.Runtime.URIBasedRefreshingCredentialHelper.GetContents(乌里uri)   在   Amazon.Runtime.InstanceProfileAWSCredentials.d__10.MoveNext()   在Amazon.Runtime.InstanceProfileAWSCredentials.GetFirstRole()在   Amazon.Runtime.FallbackCredentialsFactory.ECSEC2CredentialsWrapper()
  在Amazon.Runtime.FallbackCredentialsFactory.GetCredentials(布尔   fallbackToAnonymous)

     Amazon.Runtime.FallbackCredentialsFactory.GetCredentials(布尔值   在XXXXXXXXXXXXXXXXXXXX:fallbackToAnonymous):第30行   XXXXXXXXXXXXXXXXXXXX \ Src \ Api \ Startup.cs:第75行   ---从上一个引发异常的位置开始的堆栈跟踪-   System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()在   Microsoft.AspNetCore.Hosting.ConventionBasedStartup.ConfigureServices(IServiceCollection   服务)   Microsoft.AspNetCore.Hosting.Internal.WebHost.EnsureApplicationServices()   在Microsoft.AspNetCore.Hosting.Internal.WebHost.BuildApplication()
  在Microsoft.AspNetCore.Hosting.WebHostBuilder.Build()   Api.Program.Main(String [] args)在   D:\ Jenkins \ XXXXXXXXXXXXXXXXXXXX \ Src \ Api \ Program.cs:第20行

2 个答案:

答案 0 :(得分:0)

您的设置和凭据文件看起来不错。但是,我不相信以这种方式调用构造函数会自动找到凭据。您可以使用AWS .NET Core安装程序包为您处理此问题。遵循the docs通过依赖注入获得IAmazonS3非常容易。

简而言之:

如果您使用的是ASP.NET Core,请从nuget中添加软件包AWSSDK.Extensions.NETCore.Setup

在ConfigureServices中添加AWS配置和服务:

public void ConfigureServices(IServiceCollection services)
{
    // Add framework services.
    services.AddMvc();

    ....

    // This will find "AWS" section in your app settings
    services.AddDefaultAWSOptions(Configuration.GetAWSOptions());

    // This is used to find your credentials and give you the dependency
    services.AddAWSService<IAmazonS3>();
}

然后,您可以通过依赖项注入在控制器,类等中访问IAmazonS3实例:

public class HomeController : Controller
{
    IAmazonS3 S3Client { get; set; }

    public HomeController(IAmazonS3 s3Client)
    {
        this.S3Client = s3Client;
    }

    ...

}

答案 1 :(得分:0)

我想使用AmazonS3Client下载给定s3 url的文件。文件可以位于美国的4个地区中的任何一个地区us-west-1us-west-2us-east-1us-east-2 使用流动代码创建AmazonS3Client的实例时,s3客户端只能从appsettings.json中的已配置区域下载文件。

// This will find "AWS" section in your app settings
services.AddDefaultAWSOptions(Configuration.GetAWSOptions());

// This is used to find your credentials and give you the dependency
services.AddAWSService<IAmazonS3>();

因此,我创建了一个工厂,该工厂创建AmazonS3Client的实例,然后根据该区域使用适当的S3客户端。

public class S3ClientFactory : IS3ClientFactory
{        
    private IDictionary<string, IAmazonS3> _container = null;

    private S3ClientFactory()
    {
        _container = new Dictionary<string, IAmazonS3>();
    }

    public static IS3ClientFactory Create(string[] regions, AWSOptions options)
    {
        var factory = new S3ClientFactory();
        foreach (var region in regions)
        {
            var regionEndPoint = RegionEndpoint.GetBySystemName(region);
            options.Region = regionEndPoint;
            factory._container.Add(region, options.CreateServiceClient<IAmazonS3>());
        }

        return factory;
    }

    public IAmazonS3 GetS3Client(string region)
    {
        if (!_container.ContainsKey(region))
        {
            throw new Exception(string.Format("Could not find s3 client for key {0}", region));
        }
        return _container[region];
    }
}

并在Startup.cs中进行注册

var awsOptions = Configuration.GetAWSOptions();
var regions = new string[] { "us-west-1", "us-west-2", "us-east-1", "us-east-2" }; // add supported regions as needed
services.AddSingleton<IS3ClientFactory>(S3ClientFactory.Create(regions,awsOptions));

然后我使用Amazon.S3.Util.AmazonS3Uri解析传入的s3 url以获取区域,并使用factory获取正确的S3Client

   var s3Uri = new AmazonS3Uri(sourceS3Uri);
   var s3Client = _factory.GetS3Client(s3Uri.Region.SystemName);