How to access a public S3 bucket using latest java aws sdk from a spring boot app hosted in EKS (v2.26.12)

0

When running > aws s3 ls s3://bucket_name/prefix/ --no-sign-request from the command line I have no problem listing out the contents of a public bucket. Note that my company's web traffic is routed via a proxy.

When I try connecting with the following java code I get 403 forbidden errors:

    Region region = Region.EU_CENTRAL_1;
    ProxyConfiguration config = ProxyConfiguration.builder().endpoint(
    URI.create(proxyUrl)).username(serviceAccount).password(serviceAccountPw).build();

S3Client.builder()
                    .httpClient(ApacheHttpClient.builder().proxyConfiguration(config).build())
                    .region(region)
                    .build();

Do I need to do anything special to simulate the '--no-sign-request' flag? I have tried using an anonymous credentials provider, ie adding the following line to the above:

      .credentialsProvider(AnonymousCredentialsProvider.create())

If I do this I see the following errors returned:

software.amazon.awssdk.services.s3.model.S3Exception: null (Service: S3, Status Code: 407, Request ID: null)
Exception in S3BucketServiceImpl null (Service: S3, Status Code: 407, Request ID: null)
o.a.h.i.a.HttpAuthenticator: NEGOTIATE authentication error: Invalid name provided (Mechanism level: KrbException: Cannot locate default realm)

Why can I be getting 403 errors when trying to access a public bucket and how do I simulate the --no-sign-request flag in Java?

Thanks!

asked 3 months ago131 views
1 Answer
0

The --no-sign-request flag in AWS CLI allows unauthenticated requests, and in Java, this can be simulated using AnonymousCredentialsProvider. However, your Status Code: 407 error suggests an issue with your proxy settings. Ensure your proxy settings are correct, check for any bucket or IAM policies that might deny access, and verify the bucket’s Amazon S3 Block Public Access settings.

profile picture
EXPERT
answered 3 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions