[英]Error: The security token included in the request is invalid - AWS DynamoDB
The file is stored in .js
script and located in AWS S3.该文件存储在.js
脚本中并位于 AWS S3 中。
AWS.config.update({
region: "us-west-2",
//endpoint: 'dynamodb.us-west-2.amazonaws.com',
accessKeyId: "name",
secretAccessKey: "pass"
});
var dynamodb = new AWS.DynamoDB({apiVersion: '2012-08-10'});
var params = {
TableName : "table_name",
ProjectionExpression:"company, link, budget",
KeyConditionExpression: "company = :Adidas"
};
dynamodb.query(params, function (err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
I am trying to get data from DynamoDB, but instead get this:我正在尝试从 DynamoDB 获取数据,但得到的是:
Error: The security token included in the request is invalid.错误:请求中包含的安全令牌无效。 at Request.extractError (aws-sdk.js:96980) at Request.callListeners (aws-sdk.js:98762) at Request.emit (aws-sdk.js:98736) at Request.emit (aws-sdk.js:97899) at Request.transition (aws-sdk.js:97626) at AcceptorStateMachine.runTo (aws-sdk.js:101148) at aws-sdk.js:101160 at Request.在 Request.extractError (aws-sdk.js:96980) 在 Request.callListeners (aws-sdk.js:98762) 在 Request.emit (aws-sdk.js:98736) 在 Request.emit (aws-sdk.js: 97899) 在 Request.transition (aws-sdk.js:97626) 在 AcceptorStateMachine.runTo (aws-sdk.js:101148) 在 aws-sdk.js:101160 在 Request. (aws-sdk.js:97642) at Request. (aws-sdk.js:97642) 在请求中。 (aws-sdk.js:97901) at Request.callListeners (aws-sdk.js:98772) "UnrecognizedClientException: The security token included in the request is invalid. at Request.extractError ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:96980:27 ) at Request.callListeners ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:98762:20 ) at Request.emit ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:98736:10 ) at Request.emit ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:97899:14 ) at Request.transition ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:97626:10 ) at AcceptorStateMachine.runTo ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:101148:12 ) at https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:101160:10 at Request. ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:97642:9 ) at Request. ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:9790 (aws-sdk.js:97901) 在 Request.callListeners (aws-sdk.js:98772) "UnrecognizedClientException: 请求中包含的安全令牌无效。在 Request.extractError ( https://cdnjs.cloudflare.com/ ajax/libs/aws-sdk/2.22.0/aws-sdk.js:96980:27 ) 在 Request.callListeners ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws -sdk.js:98762:20 ) 在 Request.emit ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:98736:10 ) 在 Request.emit ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:97899:14 ) 在 Request.transition ( https://cdnjs.cloudflare.com/ajax/ libs/aws-sdk/2.22.0/aws-sdk.js:97626:10 ) 在 AcceptorStateMachine.runTo ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk .js:101148:12 )在https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:101160:10在请求处。( https://cdnjs.cloudflare .com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:97642:9 )在请求。( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0 /aws-sdk.js:9790 1:12 ) at Request.callListeners ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:98772:18 )" 1:12 ) 在 Request.callListeners ( https://cdnjs.cloudflare.com/ajax/libs/aws-sdk/2.22.0/aws-sdk.js:98772:18 )"
How can I make this work?我怎样才能使这项工作?
The error message indicates a problem with credentials.错误消息表明凭据存在问题。 Embedding credentials in local variables in a script poses a security risk.在脚本的局部变量中嵌入凭据会带来安全风险。 Please try to use one of the recommended methods to configure your client credentials, in decreasing order of preference:请尝试使用推荐的方法之一来配置您的客户端凭据,按优先级降序排列:
I got the same error.我得到了同样的错误。 But in my case, it turned out that I incorrectly passed credentials.但就我而言,事实证明我错误地传递了凭据。 I used AWS SDK v3, but tried to do it in the AWS SDK v2 way - the API is almost the same, so I didn't check it at once.我使用了 AWS SDK v3,但尝试以 AWS SDK v2 的方式进行 - API 几乎相同,所以我没有立即检查。
So if you are using AWS SDK v3, you should do it the following way (if you have configured your credentials via aws configure --profile profile_name
):因此,如果您使用的是 AWS SDK v3,则应按以下方式进行操作(如果您已通过aws configure --profile profile_name
配置了凭证):
let config = { region: 'us-east-1' };
if (process.env.NODE_ENV !== 'production') {
// it is needed only for development, so a dynamic import is used
const { fromIni } = await import('@aws-sdk/credential-provider-ini');
config = {
region: 'us-west-2',
credentials: fromIni({
profile: 'profile_name',
}),
};
}
const db = new DynamoDB(config)
Or an alternative way:或者另一种方式:
import { loadSharedConfigFiles } from '@aws-sdk/shared-ini-file-loader';
const configFiles = await loadSharedConfigFiles();
const db = new DynamoDB({
region: configFiles.configFile['profile_name'].region || 'us-east-1',
credentials: {
accessKeyId: configFiles.credentialsFile['profile_name'].aws_access_key_id,
secretAccessKey: configFiles.credentialsFile['profile_name'].aws_secret_access_key,
}
});
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.