[英]Authenticate AWS API gateway with AWS_IAM and API key from REST client Postman
I am trying to access authenticated POST API gateway with postman rest client, but I am getting status 403 with forbidden message.我正在尝试使用邮递员休息客户端访问经过身份验证的 POST API 网关,但我收到状态 403 和禁止消息。
{ "message": "Forbidden" } {“消息”:“禁止”}
I am using AWS Signature Authentication with AccessKey, SecretKey, AWS Region and Service Name.我将 AWS 签名身份验证与 AccessKey、SecretKey、AWS 区域和服务名称结合使用。 I don't understand why its not allowing my rest call, is it something to do with my AccessKey and SecretKey pair lacking authorisation??
我不明白为什么它不允许我的休息电话,这与我的 AccessKey 和 SecretKey 对缺乏授权有关吗? (My user is Admin thought)
(我的用户是管理员认为)
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => "https://xxxxxxxxxx.execute-api.us-west-2.amazonaws.com/dev/score",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "input1=1&input2=2",
CURLOPT_HTTPHEADER => array(
"authorization: AAAA-AAAA-XXX123 Credential=XXXXXXXXXX/20160414/us-west-2/execute-api/aws4_request, SignedHeaders=content-length;content-type;host;x-amz-date, Signature=sdddddssdddddddddddddddddsdsdsdsdsdsdsdsdsdsd",
"cache-control: no-cache",
"content-type: application/javascript",
"host: xxxxxxxxxx.execute-api.us-west-2.amazonaws.com",
"postman-token: abf462fe-24ae-244d-ba8d-d3e953f0e712",
"x-amz-date: 20160414T084331Z"
),
));
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
If you are using an API Key, make sure you set the "x-api-key" header.如果您使用 API 密钥,请确保设置“x-api-key”标头。
I also had the same problem until I created a Usage Plan and linked the plan to the API stage and the API key.我也遇到了同样的问题,直到我创建了一个使用计划并将该计划链接到 API 阶段和 API 密钥。
If you set 'API Key Required' option to true, please check below.如果您将“需要 API 密钥”选项设置为 true,请检查以下内容。
This can have multiple reasons, would you mind sharing a sample setup where it fails?这可能有多种原因,您介意分享一个失败的示例设置吗?
Please check the following:请检查以下内容:
Best,最好的,
Jurgen, API Gateway Jurgen,API 网关
当 API 未部署到 API Gateway 或您访问错误的路径 /your-rout 而不是 /api-name/your-route 时,通常会发生这种情况。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.