Authenticate AWS API gateway with AWS_IAM and API key from REST client Postman

I am trying to access an authenticated POST API gateway with the Postman REST client, but I am getting status 403 with a forbidden message.

{ "message": "Forbidden" }

I am using AWS Signature Authentication with AccessKey, SecretKey, AWS Region and Service Name. I don't understand why it's not allowing my REST call. Is it something to do with my AccessKey and SecretKey pair lacking authorisation? (My user is Admin, though.)

$curl = curl_init();

curl_setopt_array($curl, array(
  CURLOPT_URL => "https://xxxxxxxxxx.execute-api.us-west-2.amazonaws.com/dev/score",
  CURLOPT_RETURNTRANSFER => true,
  CURLOPT_ENCODING => "",
  CURLOPT_MAXREDIRS => 10,
  CURLOPT_TIMEOUT => 30,
  CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
  CURLOPT_CUSTOMREQUEST => "POST",
  CURLOPT_POSTFIELDS => "input1=1&input2=2",
  CURLOPT_HTTPHEADER => array(
    "authorization: AAAA-AAAA-XXX123 Credential=XXXXXXXXXX/20160414/us-west-2/execute-api/aws4_request, SignedHeaders=content-length;content-type;host;x-amz-date, Signature=sdddddssdddddddddddddddddsdsdsdsdsdsdsdsdsdsd",
    "cache-control: no-cache",
    "content-type: application/javascript",
    "host: xxxxxxxxxx.execute-api.us-west-2.amazonaws.com",
    "postman-token: abf462fe-24ae-244d-ba8d-d3e953f0e712",
    "x-amz-date: 20160414T084331Z"
  ),
));

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
  echo "cURL Error #:" . $err;
} else {
  echo $response;
}

If you are using an API Key, make sure you set the "x-api-key" header.

I also had the same problem until I created a Usage Plan and linked the plan to the API stage and the API key.

If you set the 'API Key Required' option to true, please check the points below.

  1. Deploy your API to update changes.
  2. You have to pass the 'x-api-key' HTTP header parameter to API Gateway.
  3. The API Key had to be created.
  4. In addition, you need to check a Usage Plan for the API Key on the API Gateway Console.
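
The request this thread describes, combining the question's AWS Signature (SigV4) "authorization" header with the "x-api-key" header from the answers, as an added Python example that is not part of the original posts. The helper names, credentials and API key are constructed placeholders, and it assumes a URL with no query string and a path that needs no URI encoding.

```python
import datetime
import hashlib
import hmac
from urllib.parse import urlsplit

def hmac_sha256(key, msg):
    return hmac.new(key, msg.encode(), hashlib.sha256).digest()

def sign_request(method, url, body, access_key, secret_key, region, api_key,
                 content_type="application/x-www-form-urlencoded", now=None):
    """Headers for an API Gateway method with AWS_IAM auth and 'API Key Required'."""
    parts = urlsplit(url)
    if parts.query:
        raise ValueError("query strings are not canonicalised in this example")
    now = now or datetime.datetime.now(datetime.timezone.utc)
    amz_date = now.strftime("%Y%m%dT%H%M%SZ")
    date = amz_date[:8]
    # Signed headers: lowercase names in sorted order; host and x-amz-date are required.
    headers = {"content-type": content_type, "host": parts.netloc,
               "x-amz-date": amz_date}
    signed = ";".join(sorted(headers))
    canonical_headers = "".join(f"{k}:{headers[k]}\n" for k in sorted(headers))
    payload_hash = hashlib.sha256(body.encode()).hexdigest()
    # Canonical request: method, path (stage included), empty query, headers, body hash.
    canonical = "\n".join([method, parts.path or "/", "",
                           canonical_headers, signed, payload_hash])
    scope = f"{date}/{region}/execute-api/aws4_request"
    to_sign = "\n".join(["AWS4-HMAC-SHA256", amz_date, scope,
                         hashlib.sha256(canonical.encode()).hexdigest()])
    # Signing key: HMAC chain over date, region, service and the fixed terminator.
    key = f"AWS4{secret_key}".encode()
    for part in (date, region, "execute-api", "aws4_request"):
        key = hmac_sha256(key, part)
    signature = hmac.new(key, to_sign.encode(), hashlib.sha256).hexdigest()
    headers["authorization"] = (
        f"AWS4-HMAC-SHA256 Credential={access_key}/{scope}, "
        f"SignedHeaders={signed}, Signature={signature}")
    # The API key travels in its own header, left out of the signature in this example.
    headers["x-api-key"] = api_key
    return headers

if __name__ == "__main__":
    # Constructed credentials and key; the URL is the redacted one from the question.
    demo = sign_request("POST",
                        "https://xxxxxxxxxx.execute-api.us-west-2.amazonaws.com/dev/score",
                        "input1=1&input2=2", "AKIDEXAMPLE", "constructed-secret",
                        "us-west-2", "constructed-api-key")
    for name, value in demo.items():
        print(f"{name}: {value}")
```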

This can have multiple reasons. Would you mind sharing a sample setup where it fails?

Please check the following:

  1. Did you deploy your API?
  2. Does the user have the proper permissions? You can use the managed IAM policy "AmazonAPIGatewayInvokeFullAccess" or create your own. Please refer to our documentation for more details.

Best,

Jurgen, API Gateway

This usually happens when the API is not deployed to API Gateway, or when you access the wrong path /your-rout instead of /api-name/your-route.
