使用AWS S3 Java SDK,确定授权(访问密钥和秘密密钥)是否正确的最快方法是什么?
[英]Using the AWS S3 Java SDK, what is the fastest way to determine if the authorization (access key and secret key) is correct?
问题描述
I need a quick way to determine if the authorization (access key and secret key) is correct for AWS S3. 
我需要一种快速的方法来确定授权(访问密钥和秘密密钥)对于AWS S3是否正确。
I have found a slow solution: Calling AmazonS3Client.getS3AccountOwner will result in signing a request and sending it to AWS, and getting a failure if your access key / secret key aren't correct. 我发现了一个很慢的解决方案:调用AmazonS3Client.getS3AccountOwner将导致签署请求并将其发送到AWS,如果您的访问密钥/秘密密钥不正确,则会失败。 Unfortunately, this takes 200-300 ms. 不幸的是,这需要200-300毫秒。
I've found a way to accomplish this in Azure in 60 ms using the code below: 我找到了一种使用以下代码在60毫秒内在Azure中完成此操作的方法:
final CloudBlobContainer container =
m_client.getContainerReference( UUID.randomUUID().toString() );
container.exists();
The equivalent of the above for S3 doesn't work for my purpose (or at least I've not been able to figure out how to use it for my purpose). 相当于S3的上述方法不适用于我的目的(或者至少我无法弄清楚如何将其用于我的目的)。 Anybody have any ideas as to how I can cut down on the time to determine if the authorization is correct from 200-300 ms with the approach I found? 任何人都对如何减少我发现的方法在200-300毫秒内确定授权是否正确的时间有任何想法?
1 个解决方案
解决方案1
1 2016-08-11 17:17:59
A check like that does not provide any value in AWS. 像这样的检查在AWS中没有任何价值。 An access key and a secret key may match but there may not be any IAM policies or the policies may be limited for the IAM user. 访问密钥和秘密密钥可以匹配,但是可能没有任何IAM策略,或者这些策略可能仅限于IAM用户。 So just because the keys are valid doesn't mean you'll be able to list buckets or download a file with those credentials. 因此,仅因为密钥有效并不意味着您就可以列出存储桶或使用这些凭据下载文件。
You should check the result of the S3 operation to determine if the permissions were insufficient for the operation and act accordingly at that time. 您应该检查S3操作的结果,以确定权限是否不足以执行该操作,并在那时采取相应措施。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.