Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

AWS IoT Greengrass V2 Token Exchange Service

0

Hi Team,

We am trying to create S3, SNS & Lambda client in Greengrass V2 custom components. As per documentation token exchange service should help with temporary credentials while building this clients. We were using AWS Java SDK V1, with following code base where functionalities are working fine and we were able to make AWS Services call.

AmazonS3 s3 = AmazonS3ClientBuilder.standard().withCredentials(new EC2ContainerCredentialsProviderWrapper()) .withRegion(Regions.US_WEST_2).build();

Now, we are in process of changing AWS Java SDK with V2, where "EC2ContainerCredentialsProviderWrapper" support is not there. So, we tried with "DefaultCredentialsProvider", also tried with direct client creation. But in all try, its not working. Moreover, aws.greengrass.TokenExchangeService is also considered in deployment, policy and roles are also properly configured, as it was working fine with AWS SDK Java V1.

-- with DefaultCredentialsProvider SnsClient snsClient = SnsClient.builder().credentialsProvider(DefaultCredentialsProvider.create()) .region(Region.US_WEST_2).build(); -- Direct client building SnsClient snsClient = SnsClient.builder().region(Region.US_WEST_2).build();

Could you please guide what are missing here, as we are getting error like as below "Expected a profile or property definition on line 3"

Thanks, NPatel

Argomenti
Internet delle cose (IoT)
Tag
AWS IoT GreengrassAWS IoT Core
Lingua
English
rePost-User-7846458
posta un mese fa109 visualizzazioni
1 Risposta
0
Risposta accettata

Hello,

Do use the default chain, you do not need to provide it explicitly since it is the default. You also do not need to provide the region.

The error ""Expected a profile or property definition on line 3"" tells you that your ~/.aws/config or ~/.aws/credentials file is corrupted. You should delete these corrupt files.

ContainerCredentialsProvider is the correct provider to use if you do not want to use the default.

Cheers,

Michael

AWS
ESPERTO
MichaelDombrowski-AWS
con risposta un mese fa
  • MichaelDombrowski-AWS ESPERTO
    un mese fa

    There are, that's what the error is complaining about. ~ is the home location for the user that your component is running as. This may be a different user than you are currently logged in as.

  • rePost-User-7846458
    un mese fa

    There are no files on this location ... As I mentioned with V1 version its working fine but when we use V2 its giving this errors.

  • MichaelDombrowski-AWS ESPERTO
    un mese fa

    If you want to directly use only the correct credential provider, it is ContainerCredentialsProvider

  • MichaelDombrowski-AWS ESPERTO
    un mese fa

    what location are you looking at? By default your component runs as ggc_user, which means you need to look at /home/ggc_user/.aws. If your component is running as root, it will be /root/.aws

    it worked with v1 because you were not using the default chain which includes the profile credential provider.

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente