En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

while trying to retrieve the temporary credentials from Amazon using AWS SDK , i am facing this issue.

0

hi , i have tried using this 2 types of approaches to retrieve temporary credentials from AWS account , getting the same error as shown in the screenshot . Please let me knw if there are any better approaches or if any fix for the error , Thank you. // 1st apporach

AssumeRoleRequest request = new AssumeRoleRequest();
                request.RoleArn = "arn:aws:iam::532634566192:role/ap-redshift";
                request.RoleSessionName = "newsessionanme";
                client = new AmazonSecurityTokenServiceClient();
                AssumeRoleResponse resp = client.AssumeRole(request);
                Console.WriteLine(resp.Credentials);
                Console.ReadLine();

// 2nd approach

client = new AmazonSecurityTokenServiceClient();
            var response = client.AssumeRole(new AssumeRoleRequest
            {
                RoleArn = "arn:aws:iam::532634566192:role/ap-redshift",
                RoleSessionName = "newsessionanme"
            });
            AssumedRoleUser assumedRoleUser = response.AssumedRoleUser;
            Credentials credentials = response.Credentials;

This is the error i am getting "Unable to get IAM security credentials from EC2 Instance Metadata Service.'" as also shown in the picture .

Enter image description here

Sujets
Sécurité, identité et conformité
Balises
Gestion des identités et des accès AWS
Langue
English
rePost-User-9225202
demandé il y a 2 ans709 vues
1 réponse
0

Hello rePost-User-9225202, thank you for reaching out!

    It appears you are encountering an issue related to IAM security credentials on SDK. The error suggest the problem that the IAM trust policy might not be correctly configured.
     
    Make sure your IAM trust policy allow allows the EC2 instance to assume the role. Check the example below.
     
    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Effect": "Allow",
          "Principal": { "Service": "ec2.amazonaws.com"},
          "Action": "sts:AssumeRole"
        }
      ]
    } 
    
    If you are performing these call within a EC2 instance check this link https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html#instance-metadata-security-credentials.
 
Somebody also ask a similar question over Github(https://github.com/aws/aws-sdk-net/issues/1699). Check the link to see if you can resolve your issue over there.
 
    Hope this helps.
     
    Reference:
    https://blog.gruntwork.io/authenticating-to-aws-with-instance-metadata-b6d812a86b40
Jajuan_H
répondu il y a 8 mois

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents