java - 在加载正确的 AWS 凭证时，我们的记录中不存在您提供的 AWS 访问 key ID

Question

我正在创建一个 Spring Boot 后端，它似乎无法上传带有我现在从三个不同客户端( postman 、 react 、后端本身)尝试过的预签名 url 的图像。
所有客户端都返回相同的客户端。
在最顶部，我已经声明了这样的配置:

    @Bean
    @Scope("singleton")
    public S3Service provideS3Service(){

         String secretKey = environment.getProperty("aws.key.secret");
         String accessKey = environment.getProperty("aws.key.access");
         String bucketName = environment.getProperty("aws.bucket.name");
         AWSCredentials awsCredentials = new BasicAWSCredentials(accessKey, secretKey);

         String regionName = environment.getProperty("aws.bucket.region");
         Regions clientRegion = Regions.valueOf(regionName);

         System.out.println(awsCredentials.getAWSAccessKeyId());
         System.out.println(awsCredentials.getAWSSecretKey());
         AmazonS3 s3Client = AmazonS3ClientBuilder.standard()
                .withCredentials(new AWSStaticCredentialsProvider(awsCredentials))
                .withRegion(clientRegion)
                .build();
         S3Service s3Service = new S3Service(bucketName, s3Client);


         return s3Service;


    }

在我的 S3 服务中，我具有以下功能来发出请求。现在我还 mock 了写入 aws 的请求。

    public PresignedUrlResponse createSignedUrlPost() throws IOException {
        String objectKey = UUID.randomUUID().toString();
        LocalDateTime expiration = getExpirationDate();

        Date expirationDate = Date.from(expiration.atZone(ZoneId.systemDefault()).toInstant());
        GeneratePresignedUrlRequest generatePresignedUrlRequest =
                new GeneratePresignedUrlRequest(this.bucketName, objectKey)
                .withMethod(HttpMethod.POST)
                .withExpiration(expirationDate);

        URL url = amazonS3.generatePresignedUrl(generatePresignedUrlRequest);

        // Create the connection and use it to upload the new object using the pre-signed URL.
        HttpURLConnection connection = (HttpURLConnection) url.openConnection();
        connection.setDoOutput(true);
        connection.setRequestMethod("PUT");
        OutputStreamWriter out = new OutputStreamWriter(connection.getOutputStream());
        out.write("This text uploaded as an object via presigned URL.");
        out.close();

        // Check the HTTP response code. To complete the upload and make the object available,
        // you must interact with the connection object in some way.
        connection.getResponseCode();
        System.out.println("HTTP response code: " + connection.getResponseCode());

        // Check to make sure that the object was uploaded successfully.
        S3Object object = amazonS3.getObject(bucketName, objectKey);
        System.out.println("Object " + object.getKey() + " created in bucket " + object.getBucketName());


        return new PresignedUrlResponse(url.toString(), expiration);
    }
    

这对应于以下错误:

{
  "timestamp": "Jul 18, 2020, 7:46:43 PM",
  "status": 500,
  "error": "Internal Server Error",
  "message": "The AWS Access Key Id you provided does not exist in our records. (Service: Amazon S3; Status Code: 403; Error Code: InvalidAccessKeyId; Request ID: DD94BBA0C28610CA; S3 Extended Request ID: tyyQDCnKD6ni+6uwumWh3psUvWM8TOVNguP8Y0dvkBPgmmUdebnrq+RBKqmXQcVQUyOxbqM5//o=; Proxy: null)",
  "path": "/chat/channels/signedurl"
}

我已经确保凭据正确，并且它们也可以从控制台记录。

         System.out.println(awsCredentials.getAWSAccessKeyId());
         System.out.println(awsCredentials.getAWSSecretKey());

我已经检查过，凭证是否与我的 AWS 账户上的凭证相匹配。
有没有人知道这个问题可能是由什么引起的？
我现在已经尝试了一切。

Answer 1

如果您以这种方式打印出访问 key 和 secret key ，则它们看起来好像是错误的方式。
访问 key 应始终是大写字母 A-Z 和数字中的短 key ， key 是较长的字符串。
检查您如何将它们传递到您的代码库中，以确保您没有以错误的顺序将它们放入。