[英]com.amazonaws.services.s3.model.AmazonS3Exception: Forbidden (Service: Amazon S3; Status Code: 403; Error Code: 403 Forbidden; Request ID: XXXXXXXX)
From few days back i am receiving this exception when i try to push files to my S3Bucket. 从几天开始,当我尝试将文件推送到S3Bucket时,我收到此异常。 Ealier everything seems to work and i am sure there is no code changes from my side.
Ealier一切似乎都有效,我相信我的代码没有任何代码变化。
com.amazonaws.services.s3.model.AmazonS3Exception: Forbidden
(Service: Amazon S3; Status Code: 403; Error Code: 403 Forbidden;
Request ID: XXXXXXXXXXXX),
S3 Extended Request ID: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:1077)
at com.amazonaws.http.AmazonHttpClient.executeOneRequest(AmazonHttpClient.java:725)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:460)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:295)
at com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:3699)
at com.amazonaws.services.s3.AmazonS3Client.getObjectMetadata(AmazonS3Client.java:999)
at com.amazonaws.services.s3.AmazonS3Client.getObjectMetadata(AmazonS3Client.java:977)
.... .... .... ....
I came across many such Q related to com.amazonaws.services.s3.model.AmazonS3Exception: Forbidden following those 我遇到了许多与com.amazonaws.services.s3.model.AmazonS3异常相关的Q:禁止跟随这些
Anything else i can try to solve this issue 我还可以尝试解决这个问题
i am using aws-java-sdk:1.9.10 for pushing files to S3 Bucket. 我正在使用aws-java-sdk:1.9.10将文件推送到S3 Bucket。
Most likely your instance has not been launched with an IAM instance profile role that has access to S3. 很可能您的实例尚未使用可访问S3的IAM实例配置文件角色启动。
All access to AWS services must be signed with access key and secret. 必须使用访问密钥和机密签署对AWS服务的所有访问权限。 When you do this from your local machine the
DefaultCredentialsProviderChain
uses the access key and secret defined in your .aws/credentials
file. 从本地计算机执行此操作时,
DefaultCredentialsProviderChain
使用.aws/credentials
文件中定义的访问密钥和密钥。
When you launch an EC2 instance in AWS it also needs to sign the requests to services, like s3. 在AWS中启动EC2实例时,还需要对服务请求进行签名,例如s3。 However, it does this by retrieving it's credentials from an internal metadata service.
但是,它通过从内部元数据服务检索它的凭据来实现此目的。
So what you do is create an IAM instance profile that your instance will assume when it starts up. 因此,您所做的是创建一个IAM实例配置文件,您的实例在启动时将采用该配置文件。 This IAM instance profile, like other IAM profiles for user's for example, defines what the instance has access to.
与用户的其他IAM配置文件一样,此IAM实例配置文件定义了实例可以访问的内容。
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html
在我的情况下,在android端的存储桶名称不同(存储桶名称在S3处为'a',我在android端输入'ab'),通过更改存储桶名称反之亦然,我解决了问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.