You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When creating a AmazonSQSSecureClient with a custom aws credentials you get an exception when trying to send a message: com.amazonaws.services.kms.model.AWSKMSException: The security token included in the request is invalid (Service: AWSKMS; Status Code: 400; Error Code: UnrecognizedClientException;
Relevant stacktrace snippet: at no.cantara.aws.sqs.KMSCryptoUtil.generateDataKey(KMSCryptoUtil.java:118) at no.cantara.aws.sqs.KMSCryptoUtil.encrypt(KMSCryptoUtil.java:106) at no.cantara.aws.sqs.AmazonSQSSecureClient.deflate(AmazonSQSSecureClient.java:212) at no.cantara.aws.sqs.AmazonSQSSecureClient.sendMessage(AmazonSQSSecureClient.java:152)
It seems to be caused by the getAWSKMS-method in KMSCryptoUtil where DefaultAWSCredentialsProviderChain is hardcoded:
val credentials =BasicAWSCredentials(accessKey, secretKey )
val credentialsProvider =AWSStaticCredentialsProvider(credentials)
val sqsClient =AmazonSQSSecureClient.create(credentialsProvider, region, kmsCmkId, s3Bucket );
When providing the same credentials as environment variables everything works as expected.
The text was updated successfully, but these errors were encountered:
When creating a AmazonSQSSecureClient with a custom aws credentials you get an exception when trying to send a message:
com.amazonaws.services.kms.model.AWSKMSException: The security token included in the request is invalid (Service: AWSKMS; Status Code: 400; Error Code: UnrecognizedClientException;
Relevant stacktrace snippet:
at no.cantara.aws.sqs.KMSCryptoUtil.generateDataKey(KMSCryptoUtil.java:118) at no.cantara.aws.sqs.KMSCryptoUtil.encrypt(KMSCryptoUtil.java:106) at no.cantara.aws.sqs.AmazonSQSSecureClient.deflate(AmazonSQSSecureClient.java:212) at no.cantara.aws.sqs.AmazonSQSSecureClient.sendMessage(AmazonSQSSecureClient.java:152)
It seems to be caused by the
getAWSKMS
-method inKMSCryptoUtil
where DefaultAWSCredentialsProviderChain is hardcoded:The the client is created this way(Kotlin):
When providing the same credentials as environment variables everything works as expected.
The text was updated successfully, but these errors were encountered: