Question

我正在使用Databricks，我想列出一个存储桶。

dbutils.fs.ls("s3://mybucket)

com.amazonaws.SdkClientException：无法从以下位置加载AWS凭证链中的任何提供程序：[BasicAWSCredentialsProvider：访问密钥或密钥为空， com.amazonaws.auth.InstanceProfileCredentialsProvider@56e2bc92：无法加载凭据。

我正在使用.net创建IAM角色。为了创建IAM角色和实例配置文件，我使用了以下代码：

var roleName = "test";
var profileName = "test";
var client = new AmazonIdentityManagementServiceClient(aws_access_key_id, aws_secret_access_key, RegionEndpoint.EUWest1);
Policy policyDoc = GeneratePolicyDocument();    
List<Tag> tags = new List<Tag> { };
tags.Add(new Tag { Key = "jobposition", Value = jobPosition });
for (int i = 0; i < functionalGroups.Count; i++)
{
    tags.Add(new Tag { Key = String.Format("functionalarea{0}", i), Value = functionalGroups[i] });
}

try
{
    // Create a role with the trust policy
    var role = client.CreateRole(new CreateRoleRequest
    {
        RoleName = roleName,
        AssumeRolePolicyDocument = policyDoc.ToJson(),
        Tags = tags
    });
}
catch (Exception e)
{
    Console.Write(e);
}

Policy policyDoc1 = GeneratePolicyDocument1();

// Add the access policy to the role
try
{
    client.PutRolePolicy(new PutRolePolicyRequest
    {
        RoleName = roleName,
        PolicyName = "testrole2",
        PolicyDocument = policyDoc1.ToJson()
    });
}
catch (Exception e)
{
    Console.Write(e);
}

try
{
    // Create an instance profile
    client.CreateInstanceProfile(new CreateInstanceProfileRequest
{
    InstanceProfileName = profileName
});
}
catch (Exception e)
{
    Console.Write(e);
}

try
{
    // Add the role to the instance profile
    client.AddRoleToInstanceProfile(new AddRoleToInstanceProfileRequest
{
    InstanceProfileName = profileName,
    RoleName = roleName
});
}
catch (Exception e)
{
    Console.Write(e);
}

为了生成策略，我使用了以下代码：

public Policy GeneratePolicyDocument()
        {
            var client = new AmazonIdentityManagementServiceClient(aws_access_key_id, aws_secret_access_key, RegionEndpoint.EUWest1);
            var statements = new List<Amazon.Auth.AccessControlPolicy.Statement>();
            var actions = new List<ActionIdentifier>();
            var resources = new List<Resource>();
            var principal = new List<Principal>();
            actions.Add(new ActionIdentifier("sts:AssumeRole"));
            principal.Add(new Principal("123123123123"));


            var statement = new Amazon.Auth.AccessControlPolicy.Statement(Amazon.Auth.AccessControlPolicy.Statement.StatementEffect.Allow)
            {
                Actions = actions,
                Principals = principal
            };
            statements.Add(statement);
            Policy policy = new Policy
            {
                Version = "2012-10-17",
                Statements = statements
            };
            return policy;
        }

        public Policy GeneratePolicyDocument1()
        {
            var client = new AmazonIdentityManagementServiceClient(aws_access_key_id, aws_secret_access_key, RegionEndpoint.EUWest1);
            var statements = new List<Amazon.Auth.AccessControlPolicy.Statement>();
            var actions = new List<ActionIdentifier>();
            var resources = new List<Resource>();
            var principal = new List<Principal>();
            actions.Add(new ActionIdentifier("sts:AssumeRole"));
            resources.Add(new Resource("*"));


            var statement = new Amazon.Auth.AccessControlPolicy.Statement(Amazon.Auth.AccessControlPolicy.Statement.StatementEffect.Allow)
            {
                Actions = actions,
                Resources = resources
            };
            statements.Add(statement);
            Policy policy = new Policy
            {
                Version = "2012-10-17",
                Statements = statements
            };
            return policy;
        }
    }

所以最终我在亚马逊上得到了一些东西：

我的猜测是我以不良的方式创建了实例配置文件，但我不知道如何解决它。

访问密钥或秘密密钥为null，com.amazonaws.auth.InstanceProfileCredentials

0 个答案: