错误：请求中包含的安全令牌无效 - AWS DynamoDB

Question

The file is stored in .js script and located in AWS S3.该文件存储在.js脚本中并位于 AWS S3 中。

AWS.config.update({
  region: "us-west-2",
  //endpoint: 'dynamodb.us-west-2.amazonaws.com',
  accessKeyId: "name",
  secretAccessKey: "pass"
});

var dynamodb = new AWS.DynamoDB({apiVersion: '2012-08-10'});
var params = {
    TableName : "table_name",
    ProjectionExpression:"company, link, budget",
    KeyConditionExpression: "company = :Adidas"
};
dynamodb.query(params, function (err, data) {
  if (err) console.log(err, err.stack); // an error occurred
  else     console.log(data);           // successful response
});

I am trying to get data from DynamoDB, but instead get this:我正在尝试从 DynamoDB 获取数据，但得到的是：

Error: The security token included in the request is invalid.错误：请求中包含的安全令牌无效。 at Request.extractError (aws-sdk.js:96980) at Request.callListeners (aws-sdk.js:98762) at Request.emit (aws-sdk.js:98736) at Request.emit (aws-sdk.js:97899) at Request.transition (aws-sdk.js:97626) at AcceptorStateMachine.runTo (aws-sdk.js:101148) at aws-sdk.js:101160 at Request.在 Request.extractError (aws-sdk.js:96980) 在 Request.callListeners (aws-sdk.js:98762) 在 Request.emit (aws-sdk.js:98736) 在 Request.emit (aws-sdk.js: 97899) 在 Request.transition (aws-sdk.js:97626) 在 AcceptorStateMachine.runTo (aws-sdk.js:101148) 在 aws-sdk.js:101160 在 Request. (aws-sdk.js:97642) at Request. (aws-sdk.js:97642) 在请求中。 (aws-sdk.js:97901) at Request.callListeners (aws-sdk.js:98772) "UnrecognizedClientException: The security token included in the request is invalid. at Request.extractError ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:96980:27 ) at Request.callListeners ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:98762:20 ) at Request.emit ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:98736:10 ) at Request.emit ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:97899:14 ) at Request.transition ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:97626:10 ) at AcceptorStateMachine.runTo ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:101148:12 ) at https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:101160:10 at Request. ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:97642:9 ) at Request. ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:9790 (aws-sdk.js:97901) 在 Request.callListeners (aws-sdk.js:98772) "UnrecognizedClientException: 请求中包含的安全令牌无效。在 Request.extractError ( https://cdnjs.cloudflare.com/ ajax/libs/aws-sdk/2.22.0/aws-sdk.js:96980:27 ) 在 Request.callListeners ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws -sdk.js:98762:20 ) 在 Request.emit ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:98736:10 ) 在 Request.emit ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:97899:14 ) 在 Request.transition ( https://cdnjs.cloudflare.com/ajax/ libs/aws-sdk/2.22.0/aws-sdk.js:97626:10 ) 在 AcceptorStateMachine.runTo ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk .js:101148:12 ）在https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:101160:10在请求处。（ https://cdnjs.cloudflare .com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:97642:9 ）在请求。（ https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0 /aws-sdk.js:9790 1:12 ) at Request.callListeners ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:98772:18 )" 1:12 ) 在 Request.callListeners ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:98772:18 )"

How can I make this work?我怎样才能使这项工作？

Answer 1

The error message indicates a problem with credentials.错误消息表明凭据存在问题。 Embedding credentials in local variables in a script poses a security risk.在脚本的局部变量中嵌入凭据会带来安全风险。 Please try to use one of the recommended methods to configure your client credentials, in decreasing order of preference:请尝试使用推荐的方法之一来配置您的客户端凭据，按优先级降序排列：

AWS Identity and Access Management (IAM) roles (for example, in EC2 instance profiles or Lambda execution roles) AWS Identity and Access Management (IAM) 角色（例如，在 EC2 实例配置文件或 Lambda 执行角色中）
A shared credentials file (~/.aws/credentials)共享凭证文件 (~/.aws/credentials)
Environment variables环境变量
A JSON file on disk磁盘上的 JSON 文件

Answer 2

I got the same error.我得到了同样的错误。 But in my case, it turned out that I incorrectly passed credentials.但就我而言，事实证明我错误地传递了凭据。 I used AWS SDK v3, but tried to do it in the AWS SDK v2 way - the API is almost the same, so I didn't check it at once.我使用了 AWS SDK v3，但尝试以 AWS SDK v2 的方式进行 - API 几乎相同，所以我没有立即检查。

So if you are using AWS SDK v3, you should do it the following way (if you have configured your credentials via aws configure --profile profile_name ):因此，如果您使用的是 AWS SDK v3，则应按以下方式进行操作（如果您已通过aws configure --profile profile_name配置了凭证）：

let config = { region: 'us-east-1' };
if (process.env.NODE_ENV !== 'production') {
    // it is needed only for development, so a dynamic import is used
    const { fromIni } = await import('@aws-sdk/credential-provider-ini');
    config = {
        region: 'us-west-2',
        credentials: fromIni({
            profile: 'profile_name',
        }),
    };
}
const db = new DynamoDB(config)

Or an alternative way:或者另一种方式：

import { loadSharedConfigFiles } from '@aws-sdk/shared-ini-file-loader';
const configFiles = await loadSharedConfigFiles();
const db = new DynamoDB({
    region: configFiles.configFile['profile_name'].region || 'us-east-1',
    credentials: {
        accessKeyId: configFiles.credentialsFile['profile_name'].aws_access_key_id,
        secretAccessKey: configFiles.credentialsFile['profile_name'].aws_secret_access_key,
    }
});

错误：请求中包含的安全令牌无效 - AWS DynamoDB

问题描述

2 个解决方案

解决方案1
4 已采纳 2017-03-13 13:47:02

解决方案2
0 2022-07-13 18:46:52

错误：请求中包含的安全令牌无效 - AWS DynamoDB

问题描述

2 个解决方案

解决方案1 4 已采纳 2017-03-13 13:47:02

解决方案2 0 2022-07-13 18:46:52

解决方案1
4 已采纳 2017-03-13 13:47:02

解决方案2
0 2022-07-13 18:46:52