1 Risposta
- Più recenti
- Maggior numero di voti
- Maggior numero di commenti
0
You're encountering an error where AWS STS is rejecting your ID token as invalid, even though it appears valid when decoded and tested manually. The issue likely arises from asynchronous token retrieval. Ensure that your token retrieval function completes before passing it to fromWebToken()
. This timing problem may cause STS to receive an incomplete or invalid token. Modify your code to await the token retrieval function before passing it to fromWebToken()
. This ensures the token is fully retrieved and ready for use, resolving the issue.
const getTokenFromIdp = async () => {
const token = await auth.tokenManager.get("idToken");
return token.idToken;
}
const getCredentials = async () => {
const webIdentityToken = await getTokenFromIdp();
const oidcCredentials = fromWebToken({
roleArn: "arn:aws:iam::2222333344445556:role/OIDCroleReadS3",
roleSessionName: "session_111",
durationSeconds: 7200,
webIdentityToken: webIdentityToken
});
return oidcCredentials;
}
const main = async () => {
const credentials = await getCredentials();
const s3client = new S3({
region: "us-east-2",
credentials: credentials,
});
// Now you can use the S3 client with the obtained credentials
}
main();
Contenuto pertinente
- AWS UFFICIALEAggiornata 2 anni fa
- AWS UFFICIALEAggiornata 5 mesi fa
- AWS UFFICIALEAggiornata 2 anni fa