Amazon EKS (Fargate):应用程序无法加载 AWS 凭证
Amazon EKS (Fargate): App can't load AWS Credentials
我已按照此处描述的所有步骤进行操作,当我 运行 执行命令时,我看到了角色:
kubectl exec -n bn bn-query-service-deployment-7649b5cd45-fdptw env | grep AWS
AWS_ROLE_ARN=arn:aws:iam::1111111:role/eksctl-playground-addon-iamserviceaccount-bn-b-Role1-HSIN6D1SKE7T
AWS_WEB_IDENTITY_TOKEN_FILE=/var/run/secrets/eks.amazonaws.com/serviceaccount/token
但是我的容器仍然加载失败:
Caused by: com.amazonaws.SdkClientException: Unable to load AWS
credentials from any provider in the chain:
[EnvironmentVariableCredentialsProvider: Unable to load AWS
credentials from environment variables (AWS_ACCESS_KEY_ID (or
AWS_ACCESS_KEY) and AWS_SECRET_KEY (or AWS_SECRET_ACCESS_KEY)),
SystemPropertiesCredentialsProvider: Unable to load AWS credentials
from Java system properties (aws.accessKeyId and aws.secretKey),
com.amazonaws.auth.profile.ProfileCredentialsProvider@5ddeb7cb:
profile file cannot be null, WebIdentityTokenCredentialsProvider: To
use assume role profiles the aws-java-sdk-sts module must be on the
class path.,
com.amazonaws.auth.EC2ContainerCredentialsProviderWrapper@33ecda92:
Unable to load credentials from service endpoint]
我还应该检查什么?我可能会错过什么?
我明白了。我必须包括 aws-java-sdk-sts 模块:
编译组:'com.amazonaws',名称:'aws-java-sdk-sts',版本:'1.11.699'
包括较新的 SDK 的 sts 模块不起作用:
编译组:'software.amazon.awssdk',名称:'sts',版本:'2.10.40'
我已按照此处描述的所有步骤进行操作,当我 运行 执行命令时,我看到了角色:
kubectl exec -n bn bn-query-service-deployment-7649b5cd45-fdptw env | grep AWS
AWS_ROLE_ARN=arn:aws:iam::1111111:role/eksctl-playground-addon-iamserviceaccount-bn-b-Role1-HSIN6D1SKE7T
AWS_WEB_IDENTITY_TOKEN_FILE=/var/run/secrets/eks.amazonaws.com/serviceaccount/token
但是我的容器仍然加载失败:
Caused by: com.amazonaws.SdkClientException: Unable to load AWS credentials from any provider in the chain: [EnvironmentVariableCredentialsProvider: Unable to load AWS credentials from environment variables (AWS_ACCESS_KEY_ID (or AWS_ACCESS_KEY) and AWS_SECRET_KEY (or AWS_SECRET_ACCESS_KEY)), SystemPropertiesCredentialsProvider: Unable to load AWS credentials from Java system properties (aws.accessKeyId and aws.secretKey), com.amazonaws.auth.profile.ProfileCredentialsProvider@5ddeb7cb: profile file cannot be null, WebIdentityTokenCredentialsProvider: To use assume role profiles the aws-java-sdk-sts module must be on the class path., com.amazonaws.auth.EC2ContainerCredentialsProviderWrapper@33ecda92: Unable to load credentials from service endpoint]
我还应该检查什么?我可能会错过什么?
我明白了。我必须包括 aws-java-sdk-sts 模块: 编译组:'com.amazonaws',名称:'aws-java-sdk-sts',版本:'1.11.699'
包括较新的 SDK 的 sts 模块不起作用: 编译组:'software.amazon.awssdk',名称:'sts',版本:'2.10.40'