gpt4 book ai didi

amazon-web-services - Jenkins Cloudformation 插件给出无效客户端 ID 错误

转载 作者:行者123 更新时间:2023-12-01 18:35:35 25 4
gpt4 key购买 nike

我试图通过 jenkins-cloudformation 插件从 git 中存储的模板启动 cloudformation 堆栈,但即使我提供了正确的 access_key 和 Secret_key,我仍收到错误“无效的客户端 ID”。

此外,适当的 IAM 角色已附加到运行 jenkins 的 ec2 实例,并且 jenkins 用户可以访问实例元数据。

无论我是否在jenkins配置中传递secretKey、accessKey,都会出现此错误。

有人可以指导我哪里出了问题吗?

Jenkins config

错误

Building in workspace /apps/jenkins/.jenkins/workspace/Cloudformation_Test
> /usr/bin/git rev-parse --is-inside-work-tree # timeout=10
Fetching changes from the remote Git repository
> /usr/bin/git config remote.origin.url https://xxxx.git # timeout=10
Fetching upstream changes from https://xxxx.git
> /usr/bin/git --version # timeout=10
using GIT_ASKPASS to set credentials Gitlab user webadmdeamon to perform CICD with Jenkins
> /usr/bin/git fetch --tags --progress https://xxx.get +refs/heads/*:refs/remotes/origin/*
> /usr/bin/git rev-parse refs/remotes/origin/master^{commit} # timeout=10
> /usr/bin/git rev-parse refs/remotes/origin/origin/master^{commit} # timeout=10
Checking out Revision 827b91075eb0ae5901b641a7588b9b5769ad2ce7 (refs/remotes/origin/master)
> /usr/bin/git config core.sparsecheckout # timeout=10
> /usr/bin/git checkout -f 827b91075eb0ae5901b641a7588b9b5769ad2ce7
Commit message: "Add new file"
> /usr/bin/git rev-list --no-walk 827b91075eb0ae5901b641a7588b9b5769ad2ce7 # timeout=10
Determining to create or update Cloud Formation stack: JenkinsCloudformationTest
Stack not found: JenkinsCloudformationTest. Reason: Detailed Message: The security token included in the request is invalid. (Service: AmazonCloudFormation; Status Code: 403; Error Code: InvalidClientTokenId; Request ID: be71618c-3027-11e9-8d00-45421bf87ce0)
Status Code: 403
Error Code: InvalidClientTokenId

Creating Cloud Formation stack: JenkinsCloudformationTest
Failed to create stack: JenkinsCloudformationTest. Reason: Detailed Message: The security token included in the request is invalid. (Service: AmazonCloudFormation; Status Code: 403; Error Code: InvalidClientTokenId; Request ID: be73364d-3027-11e9-8d00-45421bf87ce0)
Status Code: 403
Error Code: InvalidClientTokenId

Finished: FAILURE

编辑---

我能够在同一 EC2 实例中使用同一用户使用 aws cli 创建堆栈。

最佳答案

日志显示您的问题与身份验证相关:

Reason: Detailed Message: The security token included in the request is invalid.
(Service: AmazonCloudFormation; Status Code: 403; Error Code: InvalidClientTokenId; Request
ID: be71618c-3027-11e9-8d00-45421bf87ce0)
Status Code: 403
Error Code: InvalidClientTokenId

问题可能是 Jenkins 插件中的错误,或者(更有可能)是您提供给插件的 key 的问题。

同时,该插件的源代码 ( code ref ) 似乎表明该插件始终尝试使用您提供的访问 key 。如果您将键字段留空,我想它会尝试空字符串作为键。因此,附加到实例的 IAM 角色可能不相关。

请注意,您收到的错误 InvalidClientTokenId 已记录在 here 中:

InvalidClientTokenId

The X.509 certificate or AWS access key ID provided does not exist in our records.

HTTP Status Code: 403

现在,您在更新中提到:

I am able to create a stack using aws cli in the same ec2 instance and with the same user.

首先,再试一次,然后查看 CloudTrail 。按EventName=CreateStack过滤,然后你会看到类似这样的内容:

enter image description here

真的是同一个用户和访问 key 吗?

我怀疑您会发现事实并非如此,而解决方法是提供正确的访问 key 。如果没有,请告诉我,我们可以考虑其他可能性。

关于amazon-web-services - Jenkins Cloudformation 插件给出无效客户端 ID 错误,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/54685071/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com