Unable to load AWS credentials from any provider in the chain with Spring Cloud Stream Kinesis binder



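I am unable to connect to AWS Kinesis in the Spring Cloud Stream Kinesis binder (1.2.0.RELEASE) without using the default configuration at the system level. The application works only when the system has been configured with the default profile, with the access key ID and secret access key set under the [default] profile. Otherwise, it fails to connect to AWS resources and throws the following exception: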

Caused by: com.amazonaws.SdkClientException: Unable to load AWS credentials from any provider in the chain: [com.amazonaws.auth.EC2ContainerCredentialsProviderWrapper@3b2c8bda: Unable to load credentials from service endpoint, com.amazonaws.auth.profile.ProfileCredentialsProvider@688d619c: No AWS profile named 'default']
at com.amazonaws.auth.AWSCredentialsProviderChain.getCredentials(AWSCredentialsProviderChain.java:136)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.getCredentialsFromContext(AmazonHttpClient.java:1225)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.runBeforeRequestHandlers(AmazonHttpClient.java:801)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:751)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:744)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:726)
at com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$500(AmazonHttpClient.java:686)
at com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:668)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:532)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:512)
at com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient.doInvoke(AmazonDynamoDBClient.java:3768)
at com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient.invoke(AmazonDynamoDBClient.java:3737)
at com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient.executeDescribeTable(AmazonDynamoDBClient.java:1836)
at com.amazonaws.services.dynamodbv2.AmazonDynamoDBClient.describeTable(AmazonDynamoDBClient.java:1804)
at com.amazonaws.services.dynamodbv2.document.Table.describe(Table.java:137)
at org.springframework.integration.aws.metadata.DynamoDbMetadataStore.afterPropertiesSet(DynamoDbMetadataStore.java:145)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1837)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1774)

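I tried the following options, but none of them worked for me:

  • Setting the environment variables AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY
  • Setting the Java system properties aws.accessKeyId and aws.secretKey
  • Setting cloud.aws.credentials.accessKey and cloud.aws.credentials.secretKey in the application.yml file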

This almost drove me crazy. After carefully tracing through the AWS code, I found that if you set the system property

cloud.aws.credentials.use-default-aws-credentials-chain: true

it switches in the DefaultAWSCredentialsProviderChain. Otherwise, it uses a chain of two providers: EC2ContainerCredentialsProviderWrapper and ProfileCredentialsProvider.

This applies to Spring Boot 2.3.4. For version 2.2.5, the system property is

cloud.aws.credentials.useDefaultAwsCredentialsChain: true

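I haven't looked into which version it changed to kebab case in. Otherwise, it ignores credentials passed in environment variables or system properties. This code is in ContextCredentialsAutoConfiguration.registerBeanDefinitions().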
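
The following diagnostic is an added example, not part of the original answers or of Spring Cloud AWS: it probes each AWS SDK for Java 1.x credential source on its own, then the two-provider chain named in the exception and the SDK default chain, so you can see which source would actually resolve. The class name CredentialChainProbe is hypothetical; only the last four characters of the access key ID are printed and the secret key is never read.

```java
import com.amazonaws.auth.AWSCredentialsProvider;
import com.amazonaws.auth.AWSCredentialsProviderChain;
import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
import com.amazonaws.auth.EC2ContainerCredentialsProviderWrapper;
import com.amazonaws.auth.EnvironmentVariableCredentialsProvider;
import com.amazonaws.auth.SystemPropertiesCredentialsProvider;
import com.amazonaws.auth.profile.ProfileCredentialsProvider;
import java.util.LinkedHashMap;
import java.util.Map;

// Hypothetical diagnostic class (name is an assumption); needs aws-java-sdk-core 1.x on the classpath.
public class CredentialChainProbe {

    // Resolve credentials and report the outcome with a masked key id; the secret is never touched.
    static String probe(AWSCredentialsProvider provider) {
        try {
            String id = provider.getCredentials().getAWSAccessKeyId();
            String tail = id.length() > 4 ? id.substring(id.length() - 4) : "";
            return "OK (access key id ends in ..." + tail + ")";
        } catch (RuntimeException e) {
            // Providers signal "nothing found" with SdkClientException or IllegalArgumentException.
            return "FAILED: " + e.getMessage();
        }
    }

    public static void main(String[] args) {
        Map<String, AWSCredentialsProvider> providers = new LinkedHashMap<>();
        // Individual sources the question tried to use.
        providers.put("environment variables", new EnvironmentVariableCredentialsProvider());
        providers.put("Java system properties", new SystemPropertiesCredentialsProvider());
        providers.put("profile file ([default])", new ProfileCredentialsProvider());
        // May take a few seconds to time out when no ECS/EC2 metadata endpoint is reachable.
        providers.put("container / instance role", new EC2ContainerCredentialsProviderWrapper());
        // The two-provider chain listed in the exception message.
        providers.put("two-provider chain", new AWSCredentialsProviderChain(
                new EC2ContainerCredentialsProviderWrapper(), new ProfileCredentialsProvider()));
        // The SDK default chain, which also consults environment variables and system properties.
        providers.put("DefaultAWSCredentialsProviderChain",
                DefaultAWSCredentialsProviderChain.getInstance());

        providers.forEach((name, p) -> System.out.printf("%-36s %s%n", name, probe(p)));
    }
}
```

If the environment-variable or system-property rows report OK while the two-provider chain reports FAILED, the application is using the restricted chain and the default-chain property has not taken effect.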

I solved this problem.

I think spring-cloud-starter-aws fails to auto-configure. So I set the access key and secret key programmatically, like this:

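import com.amazonaws.auth.AWSStaticCredentialsProvider
import com.amazonaws.auth.BasicAWSCredentials
import com.amazonaws.services.s3.AmazonS3
import com.amazonaws.services.s3.AmazonS3ClientBuilder
import org.springframework.beans.factory.annotation.Value
import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration

@Configuration
class AWSS3Configuration {
    // "$" is escaped so Kotlin passes the placeholder to Spring instead of treating it as a string template
    @Value("\${cloud.aws.credentials.access-key}")
    val accessKey: String = ""
    @Value("\${cloud.aws.credentials.secret-key}")
    val secretKey: String = ""
    // S3 client built with the static key pair read from configuration
    @Bean
    fun amazonS3(): AmazonS3 =
        AmazonS3ClientBuilder.standard()
            .withCredentials(AWSStaticCredentialsProvider(BasicAWSCredentials(accessKey, secretKey)))
            .build()
}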

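For some reason, the AWSCredentialProvider bean does not seem to load correctly, so I was able to work around this temporarily by defining the following bean. This is not a proper fix, but it did unblock my work: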

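import com.amazonaws.auth.AWSCredentials;
import com.amazonaws.auth.AWSCredentialsProvider;
import com.amazonaws.auth.AWSStaticCredentialsProvider;
import com.amazonaws.auth.BasicAWSCredentials;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Primary;

@Configuration
public class AWSCredentialProvider {
    @Value("${aws.access-key}")
    protected String accessKey;
    @Value("${aws.secret-key}")
    protected String secretKey;
    // @Primary makes this static provider win over any auto-configured AWSCredentialsProvider bean
    @Bean
    @Primary
    public AWSCredentialsProvider buildAWSCredentialsProvider() {
        AWSCredentials awsCredentials = new BasicAWSCredentials(accessKey, secretKey);
        return new AWSStaticCredentialsProvider(awsCredentials);
    }
}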

Setting instance-profile: true worked for me in an ECS environment.

cloud:
  aws:
    credentials:
      instance-profile: true
