Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

while trying to retrieve the temporary credentials from Amazon using AWS SDK , i am facing this issue.

0

hi , i have tried using this 2 types of approaches to retrieve temporary credentials from AWS account , getting the same error as shown in the screenshot . Please let me knw if there are any better approaches or if any fix for the error , Thank you. // 1st apporach

AssumeRoleRequest request = new AssumeRoleRequest();
                request.RoleArn = "arn:aws:iam::532634566192:role/ap-redshift";
                request.RoleSessionName = "newsessionanme";
                client = new AmazonSecurityTokenServiceClient();
                AssumeRoleResponse resp = client.AssumeRole(request);
                Console.WriteLine(resp.Credentials);
                Console.ReadLine();

// 2nd approach

client = new AmazonSecurityTokenServiceClient();
            var response = client.AssumeRole(new AssumeRoleRequest
            {
                RoleArn = "arn:aws:iam::532634566192:role/ap-redshift",
                RoleSessionName = "newsessionanme"
            });
            AssumedRoleUser assumedRoleUser = response.AssumedRoleUser;
            Credentials credentials = response.Credentials;

This is the error i am getting "Unable to get IAM security credentials from EC2 Instance Metadata Service.'" as also shown in the picture .

Enter image description here

Temas
Seguridad, identidad y cumplimiento
Etiquetas
AWS Identity and Access Management
Idioma
English
rePost-User-9225202
preguntada hace 2 años736 visualizaciones
1 Respuesta
0

Hello rePost-User-9225202, thank you for reaching out!

    It appears you are encountering an issue related to IAM security credentials on SDK. The error suggest the problem that the IAM trust policy might not be correctly configured.
     
    Make sure your IAM trust policy allow allows the EC2 instance to assume the role. Check the example below.
     
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Principal": { "Service": "ec2.amazonaws.com"},
          "Action": "sts:AssumeRole"
        }
      ]
    } 
    
    If you are performing these call within a EC2 instance check this link https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#instance-metadata-security-credentials.
 
Somebody also ask a similar question over Github(https://github.com/aws/aws-sdk-net/issues/1699). Check the link to see if you can resolve your issue over there.
 
    Hope this helps.
     
    Reference:
    https://blog.gruntwork.io/authenticating-to-aws-with-instance-metadata-b6d812a86b40
Jajuan_H
respondido hace 8 meses

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante