[英]An error occurred (UnrecognizedClientException) when calling the GetSecretValue operation: The security token included in the request is invalid
Please check below is the screenshot it is having problem.请检查下面是它有问题的截图。 Aws credentials are configured correctly and its working fine when we use separately in boto3 but in SAM lambda function trigger it getting this error.
Aws 凭据配置正确,当我们在 boto3 中单独使用时它工作正常,但在 SAM lambda function 中触发它收到此错误。 enter image description here
在此处输入图像描述
tried with all solutions like checking "aws configure" & unset AWS_SECURITY_TOKEN
& other solutions mentioned in other sources also tried but didn't work.尝试了所有解决方案,例如检查“aws configure”和取消设置
AWS_SECURITY_TOKEN
以及其他来源中提到的其他解决方案也尝试过但没有用。
and In code am trying to do在代码中我正在尝试做
session = boto3.session.Session()
secretsmanager = session.client('secretsmanager')
try:
get_secret_value_response = secretsmanager.get_secret_value(
SecretId=secret_name
)
secret = json.loads(get_secret_value_response['SecretString'])
except ClientError as e:
print(e)
# print(sys.exc_info(),traceback.print_exc(file=sys.stdout))
except Exception as e:
print(sys.exc_info(),traceback.print_exc(file=sys.stdout))
print(e)
Remove AWS credentials by deleting this file ~/.aws/credentials
.通过删除此文件
~/.aws/credentials
来删除 AWS 凭证。 Then re-run aws configure
and pass valid security credentials.然后重新运行
aws configure
并传递有效的安全凭证。 This should fix the issue that you are encountering.这应该可以解决您遇到的问题。
If you have multiple profiles configured then edit ~/.aws/credentials
and remove the profile that was used with this code.For example if you have used user1 while configuring the credentials then your file will have contents similar to below:如果您配置了多个配置文件,然后编辑
~/.aws/credentials
并删除与此代码一起使用的配置文件。例如,如果您在配置凭据时使用了 user1,那么您的文件将包含类似于以下内容:
[default]
aws_access_key_id=AKIAIOSFODNN7EXAMPLE
aws_secret_access_key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
[user1]
aws_access_key_id=AKIAI44QH8DHBEXAMPLE
aws_secret_access_key=je7MtGbClwBF/2Zp9Utk/h3yCo8nvbEXAMPLEKEY
To solve this issue simply delete [user1] section from ~/.aws/credentials
then re-run aws configure
.要解决此问题,只需从
~/.aws/credentials
中删除 [user1] 部分,然后重新运行aws configure
。
Maybe is a little different problem but I got the exactly same error locally because I set the default profile before getting the session.也许是一个有点不同的问题,但我在本地得到了完全相同的错误,因为我在获取 session 之前设置了默认配置文件。
So, if I run the script with:所以,如果我运行脚本:
boto3.setup_default_session(profile_name='myprofile')
session = boto3.session.Session()
secretsmanager = session.client('secretsmanager')
I got the same error as the question, probably because they didn't works well when used together.我得到了与问题相同的错误,可能是因为它们一起使用时效果不佳。
To solve, you can just remove the session part:要解决,您可以删除 session 部分:
boto3.setup_default_session(profile_name='myprofile')
secretsmanager = boto3.client('secretsmanager')
In my case, it wasn't working because I was missing the session token.就我而言,它不起作用,因为我缺少 session 令牌。 I added the token in the boto3 Session and it worked:
我在 boto3 Session 中添加了令牌,它起作用了:
session = boto3.session.Session(
aws_access_key_id=AWS_ACCESS_KEY_ID,
aws_secret_access_key=AWS_SECRET_ACCESS_KEY,
aws_session_token=AWS_SESSION_TOKEN,
)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.