Service: AmazonSQS; Status Code: 403; Error Code: AccessDenied
|
Hi, Show
I have some issues using aws-java-sdk to connect/fetch to my AWS account. From the command line I can list all queues from my "profile" like: When I like to do the same thing in Java I get an exception: com.amazonaws.services.sqs.model.AmazonSQSException: Access to the resource https://sqs.eu-west-1.amazonaws.com/ is denied. (Service: AmazonSQS; Status Code: 403; Error Code: AccessDenied; Request ID: 90ae2bd8-eb2e-53e7-a44b-729e9cbb2e5a) The code is simple: ProfileCredentialsProvider prof = new ProfileCredentialsProvider("dev"); AmazonSQS sqs = AmazonSQSClientBuilder.standard() .withRegion("eu-west-1") .withCredentials(new AWSStaticCredentialsProvider(prof.getCredentials())) .build(); ListQueuesResult res = sqs.listQueues(); for (String url : res.getQueueUrls()) { System.out.println(url); }The same result I get if I set up BasicAWSCredentials with my keys. what I'm doing wrong?! BR 我目前在尝试使用Spring Cloud和Spring Boot连接到AWS SQS队列时遇到连接问题。 我相信我一切都配置良好,但得到了: 2015-07-01 18:12:11,926 [WARN][-]
1 @Configuration @MessageMapping("QUEUE") YML
当它尝试连接时,我看到标头值为:
发送请求后:
我已经检查了所有AIM政策,它们是正确的。 使用:
使用相同的凭据可以正常工作。 任何帮助是极大的赞赏。 谢谢 您的IAM用户是否允许GetQueueAttributes呼叫? 我认为它也使用了很少的其他操作。 不仅ReceiveMessage和GetQueueUrl。 就我而言,使用Spring Cloud,我必须设置以下权限:
7 Answers NewestMost votesMost comments Hi, You will need to change to this so that the application will pickup the credentials from the role instead of from the default profile: const sQS = new SQSClient({ region: 'region' });-randy Hi RandyTakeshita, Thank you very much for the response, yes we using same what you have suggested. AmazonSQSClient client = new AmazonSQSClient('RegionEndpoint.APNortheast2'); Hi, Sure, Error: Policy: Hi, -randy Much Appreciated, This gave me some insight, make some question raising to myself. We have AWS CLI installed on it. Since it is production I will do some non-business hours and get back to you. Will keep you posting. Edited by: Pruthvi on Sep 12, 2019 7:45 AM Hi Yes, it helped, I think the issue is with AWS CLI since according to profile EC2 is looking in AWS CLI I have tested different cases and set the version to an IAM role. Thank you very much for your help. Add your answerA good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker. Guidelines for Answering Questions Relevant questions
What is the Sqsdefaultpolicy?SQS queue policy is used to control user access to SQS queue. By default, only the account owner has access to queue, but the permissions can be changed to allow access by any user. If unrestricted access to a queue is allowed, anyone can manage the queue.
How do I delete AWS message in SQS?Open the Amazon SQS console at https://console.aws.amazon.com/sqs/ .. In the navigation pane, choose Queues.. On the Queues page, choose a queue.. Choose Send and receive messages. ... . Choose Poll for messages. ... . To delete messages, choose the messages that you want to delete and choose Delete.. How do I connect EC2 with SQS?Step 1: Create an Amazon EC2 key pair. A key pair lets you connect to an Amazon EC2 instance. ... . Step 2: Create AWS resources. ... . Step 3: Confirm that your EC2 instance isn't publicly accessible. ... . Step 4: Create an Amazon VPC endpoint for Amazon SQS. ... . Step 5: Send a message to your Amazon SQS queue.. Can SQS be inside a VPC?Amazon SQS now Supports Amazon VPC Endpoints using AWS PrivateLink. AWS customers can now access Amazon Simple Queue Service (Amazon SQS) from their Amazon Virtual Private Cloud (Amazon VPC) using VPC endpoints, without using public IPs, and without needing to traverse the public internet.
|
