By using AWS re:Post, you agree to the Terms of Use

Questions tagged with Security Identity & Compliance

Sort by most recent

Browse through the questions and answers listed below or filter and sort to narrow down your results.

Unable to execute HTTP request: Connect to sts.us-east-1.amazonaws.com:443 [sts.us-east-1.amazonaws.com/209.54.177.185] failed: Connect timed out

Sometimes I am getting the below error from sts while API call. I am not able to find the root cause of this error. ``` Unable to execute HTTP request: Connect to sts.us-east-1.amazonaws.com:443 [sts.us-east-1.amazonaws.com/209.54.177.185] failed: Connect timed out ``` Stack Trace JSON ``` { "message": "Unable to execute HTTP request: Connect to sts.us-east-1.amazonaws.com:443 [sts.us-east-1.amazonaws.com/209.54.177.185] failed: Connect timed out", "source": "JavaSDK", "stackTrace": "software.amazon.awssdk.core.exception.SdkClientException$BuilderImpl.build(SdkClientException.java:102)", "cause": { "message": "Connect to sts.us-east-1.amazonaws.com:443 [sts.us-east-1.amazonaws.com/209.54.177.185] failed: Connect timed out", "source": "JavaSDK", "stackTrace": "org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:151)", "cause": { "message": "Connect timed out", "source": "JavaSDK", "stackTrace": "java.base/sun.nio.ch.NioSocketImpl.timedFinishConnect(NioSocketImpl.java:546)\njava.base/sun.nio.ch.NioSocketImpl.connect(NioSocketImpl.java:597)", "cause": null, "applicationFailureInfo": { "type": "java.net.SocketTimeoutException", "nonRetryable": false, "details": null } }, "applicationFailureInfo": { "type": "org.apache.http.conn.ConnectTimeoutException", "nonRetryable": false, "details": null } }, "applicationFailureInfo": { "type": "software.amazon.awssdk.core.exception.SdkClientException", "nonRetryable": false, "details": null } } ```
0
answers
0
votes
14
views
asked 3 days ago

SDK and ChainableTemporaryCredentials

Hi, I already posted my problem in: https://stackoverflow.com/questions/73702466/chainabletemporarycredentials-getpromise-and-missing-credentials-in-config-if-u Basically it is the following. When I use ``` const credentials = new ChainableTemporaryCredentials({ params: { RoleArn: 'arn:aws:iam::${this.accountId}:role/${this.targetRoleName}', RoleSessionName: this.targetRoleName, }, masterCredentials: new WebIdentityCredentials({ RoleArn: 'arn:aws:iam::<proxyAccountId>:role/<proxyRoleName>', RoleSessionName: this.proxyRoleName, WebIdentityToken: token, }), }) await credentials.getPromise() ``` with `token` a a token received from GCP-cloud do I still need some kind of AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY in my environment? I don't think so, since the idea of the token is to grant access exactly without such credentials. Right? (In the codeblock above I had to manipulate some charaters because the code-template here in the forum had some difficulties withe original 1:1 code...) At runtime I get always an error message: `Missing credentials in config, if using AWS_CONFIG_FILE, set AWS_SDK_LOAD_CONFIG=1` I think I have not to use AWS_CONFIG_FILE: My application runs in GCP and just want access AWS via STS. My token looks good so far as I would assess: ``` { "aud": <here my email address of the service account in GCP>, "azp": "21 digit number", "email": <same email as under "aud">, "email_verified": true, "exp": <10 digit number>, "iat": <10 digit number>, "iss": "https://accounts.google.com", "sub": "<same number as under azp>" } ``` Are my expectations wrong? What is the reason for the error message? Best regards Thomas
2
answers
0
votes
13
views
asked 3 days ago