1 Answer
0
You're encountering an error where AWS STS is rejecting your ID token as invalid, even though it appears valid when decoded and tested manually. The issue likely arises from asynchronous token retrieval. Ensure that your token retrieval function completes before passing it to fromWebToken(). This timing problem may cause STS to receive an incomplete or invalid token. Modify your code to await the token retrieval function before passing it to fromWebToken(). This ensures the token is fully retrieved and ready for use, resolving the issue.
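```javascript
import { fromWebToken } from "@aws-sdk/credential-providers";
import { S3 } from "@aws-sdk/client-s3";

// `auth` is assumed to be the already-initialized IdP client; it is not defined in this snippet.

// Resolve the ID token from the IdP's token manager before it is used.
const getTokenFromIdp = async () => {
  const token = await auth.tokenManager.get("idToken");
  return token.idToken;
};

// Build the credential provider only after the token string is available.
const getCredentials = async () => {
  const webIdentityToken = await getTokenFromIdp();
  const oidcCredentials = fromWebToken({
    roleArn: "arn:aws:iam::2222333344445556:role/OIDCroleReadS3",
    roleSessionName: "session_111",
    durationSeconds: 7200,
    webIdentityToken: webIdentityToken
  });
  return oidcCredentials;
};

const main = async () => {
  const credentials = await getCredentials();
  const s3client = new S3({
    region: "us-east-2",
    credentials: credentials,
  });
  // Now you can use the S3 client with the obtained credentials
};
main();
```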
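A pre-flight check for the situation the answer describes, as an added example that is not part of the original answer or of the AWS SDK: it confirms that the value about to be passed as `webIdentityToken` is a resolved string holding a decodable, unexpired JWT before STS ever sees it. `checkWebIdentityToken`, its option names, and the sample issuer and audience are assumptions made for illustration.

```javascript
// Added example: pre-flight check of the value handed to fromWebToken().
// checkWebIdentityToken and its option names are hypothetical helpers.

// Decode one base64url JWT segment into an object; returns null on any error.
function decodeSegment(segment) {
  try {
    const b64 = segment.replace(/-/g, "+").replace(/_/g, "/");
    return JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
  } catch {
    return null;
  }
}

// Returns a list of problems; an empty list means the token is structurally
// usable. This does NOT verify the signature; STS does that against the IdP.
function checkWebIdentityToken(token, { audience, issuer, now = Date.now() } = {}) {
  if (typeof token !== "string") {
    // An un-awaited async call yields a Promise here, not a string.
    const kind = token instanceof Promise ? "a pending Promise" : typeof token;
    return [`token is ${kind}, expected string`];
  }
  const parts = token.split(".");
  if (parts.length !== 3 || parts.some((p) => !/^[A-Za-z0-9_-]+$/.test(p))) {
    return ["token is not a three-part base64url JWT"];
  }
  const header = decodeSegment(parts[0]);
  const claims = decodeSegment(parts[1]);
  if (!header || !claims) return ["header or payload is not valid JSON"];

  const problems = [];
  const nowSec = Math.floor(now / 1000);
  if (typeof claims.exp !== "number" || claims.exp <= nowSec) problems.push("token is expired or has no exp");
  const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
  if (audience && !aud.includes(audience)) problems.push("aud does not match expected audience");
  if (issuer && claims.iss !== issuer) problems.push("iss does not match expected issuer");
  return problems;
}

// Constructed sample token with a placeholder signature, built inline.
const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64")
  .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
const sampleToken = [
  b64url({ alg: "RS256", typ: "JWT" }),
  b64url({ iss: "https://idp.example.com", aud: "example-client-id", exp: 2000000000 }),
  "c2lnbmF0dXJl",
].join(".");
```

Calling the check immediately before `fromWebToken()` and logging the returned problems separates a client-side retrieval bug from a trust-policy or audience mismatch on the IAM side.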