无法使用Java SDK在AWS中创建VPC

Question

Below is my code using the API to create VPC in AWS, but I am getting an error.

Code:

CreateAccessKeyRequest key = new CreateAccessKeyRequest();
BasicAWSCredentials cred = new BasicAWSCredentials("", "");
key.setRequestCredentials(cred);
AmazonEC2 ec2 = new AmazonEC2Client();
System.out.println("Creating VPC.....\n");
CreateVpcRequest newVPC = new CreateVpcRequest("In");
newVPC.setRequestCredentials(key.getRequestCredentials());
String cidrBlock = "192.168.1.70/28";
newVPC.setCidrBlock(cidrBlock);
newVPC.setInstanceTenancy(Tenancy.Default);
AmazonIdentityManagementClient client = new AmazonIdentityManagementClient(cred);
CreateVpcResult res = ec2.createVpc(newVPC);
Vpc vp = res.getVpc();
vp.setIsDefault(true);
String vpcId = vp.getVpcId();
System.out.println("Created VPC" + vpcId);

Error:

Exception in thread "main" com.amazonaws.AmazonClientException: Unable to load AWS credentials from any provider in the chain
    at com.amazonaws.auth.AWSCredentialsProviderChain.getCredentials(AWSCredentialsProviderChain.java:117)
    at com.amazonaws.services.ec2.AmazonEC2Client.invoke(AmazonEC2Client.java:10540)
    at com.amazonaws.services.ec2.AmazonEC2Client.createVpc(AmazonEC2Client.java:5709)
    at CreateUserRequest.main(CreateUserRequest.java:29)

Answer 1

There are several issues with the code snippet above.

First, it is a bad idea to hardcode an access key / secret key. These should be stored in an external configuration file or an environment variables. If this code is meant to run from an EC2 instance, you should use "Roles" and Instance Profiles instead. This is clearly explained at http://docs.aws.amazon.com/AWSSdkDocsJava/latest/DeveloperGuide/credentials.html

That being said, if this is just for a quick test, let's assume hard coding access key and secret key is indeed a possibility, there are other problems at code level :

• you do not need to use CreateAccessKeyRequest as this is the API call to generate a new Access key / Secret Key

• your AmazonEC2Client has no reference to your credentials provider

• there is no need to set the credentials provider for the VPC Request itself

• setInstanceTenancy is not required, this is the default

• vp.setIsDefault(true); is useless. If you want to create a Default VPC, make a request to our Support team, they will flag your VPC as the default one (see https://aws.amazon.com/premiumsupport/knowledge-center/deleted-default-vpc/ )

Here is a modified code sample that create a VPC

package com.stormacq;

import com.amazonaws.auth.BasicAWSCredentials;
import com.amazonaws.regions.*;
import com.amazonaws.services.ec2.AmazonEC2;
import com.amazonaws.services.ec2.AmazonEC2Client;
import com.amazonaws.services.ec2.model.CreateVpcRequest;
import com.amazonaws.services.ec2.model.CreateVpcResult;
import com.amazonaws.services.ec2.model.Vpc;

public class Main {

    public static void main(String[] args) {
        BasicAWSCredentials cred = new BasicAWSCredentials("AK...OQ", "gH...tp");
        AmazonEC2 ec2 = new AmazonEC2Client(cred);
        ec2.setRegion(Region.getRegion(Regions.US_EAST_1));

        System.out.println("Creating VPC...");
        CreateVpcRequest newVPC = new CreateVpcRequest("In");

        newVPC.setCidrBlock("192.168.1.70/28");
        CreateVpcResult res = ec2.createVpc(newVPC);
        Vpc vp = res.getVpc();

        String vpcId = vp.getVpcId();
        System.out.println("Created VPC " + vpcId);
    }
}

Answer 2

Thanks Sébastien Stormacq for supporting me with your answer. We have found the solution for this issue. Actually my windows desktop time was 6 minutes late to the actual time. So there its getting the conflict to validate the AWS credentials. We synced the time manually with exact time and now its working like a charm. Please once check the Windows time when one is getting the same issue.