Amazon web services AWS Amplify Storage.get()-AWSAccessKeyId未定义
我正在努力使用AWS amplify的react原生项目,包括身份验证和存储 从我的项目中的此服务文件调用Amazon web services AWS Amplify Storage.get()-AWSAccessKeyId未定义,amazon-web-services,react-native,amazon-s3,amazon-cognito,amazon-iam,Amazon Web Services,React Native,Amazon S3,Amazon Cognito,Amazon Iam,我正在努力使用AWS amplify的react原生项目,包括身份验证和存储 从我的项目中的此服务文件调用存储: import Amplify, {Auth, Storage} from 'aws-amplify' import config from './config' Amplify.configure({ Auth: config.Auth, Storage: config.Storage, }) export { Auth, Storage, } 配置为: AWS
存储
:
import Amplify, {Auth, Storage} from 'aws-amplify'
import config from './config'
Amplify.configure({
Auth: config.Auth,
Storage: config.Storage,
})
export {
Auth,
Storage,
}
配置为:
AWS: {
Auth: {
region: 'us-east-X',
userPoolId: 'us-east-XXXXXXX',
userPoolWebClientId: 'XXXXXXXXX',
identityPoolId: 'us-east-X:XXXXXXXXXXXXXX',
},
Storage: {
AWSS3: {
bucket: 'XXXXXXX',
region: 'us-east-X',
},
},
},
至此,用户已使用Auth进行了身份验证。电话:
Storage.get('public/fileName.gif', { expires: 120 })
导致一个签名URL,该URL似乎缺少访问密钥,它应该从IAM登录用户生成访问密钥
下面是它生成的签名URL示例:
https://expyhealth-stg.s3.amazonaws.com/public/activityImages/Ankle%20Pumps.gif?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Credential=undefined%2F20201020%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20201020T204616Z&X-Amz-Expires=120&X-Amz-Signature=f40bad142a9b190f9d9959bb9db0ad077c0cecab5171098f033a700cb9aa45b5&X-Amz-SignedHeaders=host&x-amz-user-agent=aws-sdk-js-v3-react-native-%40aws-sdk%2Fclient-s3%2F1.0.0-gamma.8%20aws-amplify%2F3.6.0%20react-native&x-id=GetObject"
注意X-Amz-Credential=undefined
我在这里已经跟踪这个线索好几个小时了,而且一直都很短。我无法确定它为什么不生成访问密钥
使用aws放大版3.3.4
以下是bucket策略:
{
"Version": "2012-10-17",
"Id": "Policy1599854584652",
"Statement": [
{
"Sid": "Stmt1599854581275",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::XXXXXXXXXXXX:role/Cognito_ExpyHealthStagingAuth_Role"
},
"Action": "s3:GetObject",
"Resource": [
"arn:aws:s3:::XXXXXXXX",
"arn:aws:s3:::XXXXXXXX/*"
]
}
]
}
我通过编辑IAM信任关系来解决类似问题,如下所示:
- 打开AWS控制台
- 去IAM
- 进入角色
- 选择指定为身份池的身份验证角色的角色
- 打开“信任关系”选项卡
- 单击“编辑信任关系”
- 粘贴以下内容:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Federated": "cognito-identity.amazonaws.com" }, "Action": "sts:AssumeRoleWithWebIdentity", "Condition": { "StringEquals": { "cognito-identity.amazonaws.com:aud": "eu-west-1:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" }, "ForAnyValue:StringLike": { "cognito-identity.amazonaws.com:amr": "authenticated" } } } ] }
提示:将您的配置与AWS Amplify CLI生成的配置进行比较。我通过编辑IAM信任关系来解决类似问题,如下所示:
- 打开AWS控制台
- 去IAM
- 进入角色
- 选择指定为身份池的身份验证角色的角色
- 打开“信任关系”选项卡
- 单击“编辑信任关系”
- 粘贴以下内容:
{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Federated": "cognito-identity.amazonaws.com" }, "Action": "sts:AssumeRoleWithWebIdentity", "Condition": { "StringEquals": { "cognito-identity.amazonaws.com:aud": "eu-west-1:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx" }, "ForAnyValue:StringLike": { "cognito-identity.amazonaws.com:amr": "authenticated" } } } ] }
提示:将您的配置与AWS Amplify CLI生成的配置进行比较。请屏蔽帐户id、用户池id和任何其他敏感信息。谢谢我假设我不认为这些是敏感的,因为它们不是密钥,但我确定我可以屏蔽帐户id、用户池id和任何其他敏感信息。谢谢我想我不认为这些是敏感的,因为它们不是秘密密钥,但我肯定我可以假装感谢响应,但我已经有了确切的策略:/谢谢响应,但我已经有了确切的策略:/