AWS PowerShell Use-STSRole:请求中包含的安全令牌无效
AWS PowerShell Use-STSRole : The security token included in the request is invalid
在我的 Jenkins 构建作业中,我使用此命令来担任 AWS 角色:
$Creds = (Use-STSRole -Region us-east-1 -RoleArn arn:aws:iam::$IAM_ACCOUNT_ID`:role/$IAM_ROLE -RoleSessionName jenkins).Credentials
我收到以下错误:
Use-STSRole : The security token included in the request is invalid.
将 AWS 角色更改为无效角色不会更改错误消息。
登录服务器直接使用Powershell中的命令就可以了。
如果我使用 AWS CLI 命令,它也有效:
aws sts assume-role --role-arn arn:aws:iam::%IAM_ACCOUNT_ID%:role/%IAM_ROLE% --role-session-name jenkins-deploy
完整的错误信息:
Use-STSRole : The security token included in the request is invalid.
At C:\Users\svc-jenkins.WIN-KLBFC355P8D\AppData\Local\Temp\jenkins4822311255190032778.ps1:5 char:11
+ $Creds = (Use-STSRole -Region us-east-1 -RoleArn arn:aws:iam::$e ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (Amazon.PowerShe...seSTSRoleCmdlet:UseSTSRoleCmdlet) [Use-STSRole], InvalidOperationException
+ FullyQualifiedErrorId : Amazon.SecurityToken.AmazonSecurityTokenServiceException,Amazon.PowerShell.Cmdlets.STS.UseSTSRoleCmdlet
似乎配置文件在 AWS 中存储的凭据不正确。
这些使用 Get-AWSCredentials 列出:
Get-AWSCredentials -ListStoredCredentials
然后使用Remove-AWSCredentialProfile清除:
Remove-AWSCredentialProfile -ProfileName {MyProfileName}
如果使用旧版本的 AWS Powershell 工具,您可以改用 Clear-AWSCredentials:
Clear-AWSCredentials -ProfileName <String>
在我的 Jenkins 构建作业中,我使用此命令来担任 AWS 角色:
$Creds = (Use-STSRole -Region us-east-1 -RoleArn arn:aws:iam::$IAM_ACCOUNT_ID`:role/$IAM_ROLE -RoleSessionName jenkins).Credentials
我收到以下错误:
Use-STSRole : The security token included in the request is invalid.
将 AWS 角色更改为无效角色不会更改错误消息。
登录服务器直接使用Powershell中的命令就可以了。
如果我使用 AWS CLI 命令,它也有效:
aws sts assume-role --role-arn arn:aws:iam::%IAM_ACCOUNT_ID%:role/%IAM_ROLE% --role-session-name jenkins-deploy
完整的错误信息:
Use-STSRole : The security token included in the request is invalid.
At C:\Users\svc-jenkins.WIN-KLBFC355P8D\AppData\Local\Temp\jenkins4822311255190032778.ps1:5 char:11
+ $Creds = (Use-STSRole -Region us-east-1 -RoleArn arn:aws:iam::$e ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (Amazon.PowerShe...seSTSRoleCmdlet:UseSTSRoleCmdlet) [Use-STSRole], InvalidOperationException
+ FullyQualifiedErrorId : Amazon.SecurityToken.AmazonSecurityTokenServiceException,Amazon.PowerShell.Cmdlets.STS.UseSTSRoleCmdlet
似乎配置文件在 AWS 中存储的凭据不正确。
这些使用 Get-AWSCredentials 列出:
Get-AWSCredentials -ListStoredCredentials
然后使用Remove-AWSCredentialProfile清除:
Remove-AWSCredentialProfile -ProfileName {MyProfileName}
如果使用旧版本的 AWS Powershell 工具,您可以改用 Clear-AWSCredentials:
Clear-AWSCredentials -ProfileName <String>