I'm building a java CDK template to deploy a Minecraft server in EC2. It offers different instance types, and the command to provision the instance and configure the server vary depending on the CPU architecture and memory of the instance type. (For instance, on an instance with < 4GB of memory, a swap drive is necessary.)
To retrieve the CPU architecture, I can use the CDK call InstanceType#getArchitecture. There is no similar CDK construct that contains the instance memory size, so I have to use the SDK.
I build an SDK AmazonEC2 with the region from my CDK Stack#getRegion, and I use the DefaultAWSCredentialsProviderChain.
When I invoke cdk diff --profile myprofile, I get an exception with a RequestExpired error code. The message includes the Request ID, but not the request time or the server time.
I've added a MonitoringListener to print some of the request details, and it is going to the region in my profile (us-west-2, in this case). I've caught the exception and printed the exception headers, and found that the Date (which is in GMT) matches my system time (when adjusted to UTC as displayed by date -u).
How else can I debug this issue? Are there logs I should be printing to see the request headers, or do I need to attach a network monitor? Have I skipped some simple Java or SDK configuration?
Update: Without any additional info I've been hypothesizing. What if the CDK's --profile flag doesn't apply to SDK calls? Then the DefaultAWSCredentialsProviderChain would be using the "default" profile, which I probably set to a temporary account while doing other development.
So now the question is: how do I pass the CDK-provided profile to the SDK? Is there an environment variable I can set or get?
Edited by: judebert-IAM on Mar 13, 2021 10:56 AM
AWS 官方已更新 10 個月前