我如何承担来自lambda的角色以使用Java SDK调用API网关
答案 0 :(得分:0)
我假设您是指API Gateway生成的Java SDK。客户端构建器具有方法public void setIamCredentials(AWSCredentialsProvider iamCredentials)。您可以将如下所示的AWSStaticCredentialsProvider传递给该方法:
AWSSecurityTokenService client = AWSSecurityTokenServiceClientBuilder.standard().build();
AssumeRoleRequest request = new AssumeRoleRequest().withRoleArn(iamRole)
.withRoleSessionName(yourRoleName);
AssumeRoleResult response = client.assumeRole(request);
return new AWSStaticCredentialsProvider(
new BasicSessionCredentials(
response.getCredentials().getAccessKeyId(),
response.getCredentials().getSecretAccessKey(),
response.getCredentials().getSessionToken()));
请记住,您需要在角色上设置一个IAM策略,以使其能够访问您的API网关:https://docs.aws.amazon.com/apigateway/latest/developerguide/permissions.html