【发布时间】:2020-11-14 05:16:24
【问题描述】:
我有一个基础设施,其中 AWS 登录基于角色需要来自 MS 身份验证器的 MFA,它会在移动设备上弹出以接受或拒绝。通常在 CLI 上,我们使用 saml2aws,它会生成临时访问密钥 secret key 并承担角色。
我正在尝试在我的 nodejs 中使用 aws-sdk 并尝试验证凭据,但没有收到任何弹出窗口并出现以下错误。
请提出实现此目的的方法或途径。
const AWS = require('aws-sdk');
var eks = new AWS.EKS({ accessKeyId: "ABCDEFGHIJKLMNOPQRSTUVWXYZ", secretAccessKey : "gsdhjfkjbkbfvfkqbvfhvqhfvqhfv", region: "us-west-2"});
var params = { name: "testing" };
eks.describeCluster(params, function(err, data) {
if (err) console.log(err, err.stack); // an error occurred
else console.log(data); // successful response
});
执行上述代码后:我收到以下错误:
UnrecognizedClientException: The security token included in the request is invalid.
at Object.extractError (D:\Prashant\kubernetes-app\node_modules\aws-sdk\lib\protocol\json.js:52:27)
at Request.extractError (D:\Prashant\kubernetes-app\node_modules\aws-sdk\lib\protocol\rest_json.js:55:8)
at Request.callListeners (D:\Prashant\kubernetes-app\node_modules\aws-sdk\lib\sequential_executor.js:106:20)
at Request.emit (D:\Prashant\kubernetes-app\node_modules\aws-sdk\lib\sequential_executor.js:78:10)
at Request.emit (D:\Prashant\kubernetes-app\node_modules\aws-sdk\lib\request.js:688:14)
at Request.transition (D:\Prashant\kubernetes-app\node_modules\aws-sdk\lib\request.js:22:10)
at AcceptorStateMachine.runTo (D:\Prashant\kubernetes-app\node_modules\aws-sdk\lib\state_machine.js:14:12)
at D:\Prashant\kubernetes-app\node_modules\aws-sdk\lib\state_machine.js:26:10
at Request.<anonymous> (D:\Prashant\kubernetes-app\node_modules\aws-sdk\lib\request.js:38:9)
at Request.<anonymous> (D:\Prashant\kubernetes-app\node_modules\aws-sdk\lib\request.js:690:12) {
code: 'UnrecognizedClientException',
time: 2020-11-03T22:36:19.516Z,
requestId: '2e3486d0-3219-410c-8963-970958c5c14d',
statusCode: 403,
retryable: false,
retryDelay: 91.55836550904752
}
【问题讨论】:
-
请在您的答案中发布解决方案,不是每个人都可以像@callback在答案中所说的那样发表评论
标签: node.js aws-sdk aws-sdk-js aws-sdk-nodejs