我试图获得正确的请求来获取用户,但不能:
有效的 AWS CLI:
aws iam get-user --user-name "${user_name}"
现在,一个平淡的curl
request
api_addr=https://iam.amazonaws.com &&\
curl --aws-sigv4 "aws:amz:${region}:iam" --user "${aws_key}":"${aws_secret}" "${api_addr}/?Action=GetUser&UserName=${user_name}&Version=2010-05-08"
得到回应:
<ErrorResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
<Error>
<Type>Sender</Type>
<Code>SignatureDoesNotMatch</Code>
<Message>Credential should be scoped to a valid region. </Message>
</Error>
<RequestId>b21979ce-4d16-4e43-a592-227dc6d2a249</RequestId>
</ErrorResponse>
正确的称呼是什么?我认为 IAM 是一个全球区域。我已经尝试过我的特定区域以及“全球”或忽略它。
卷曲应该足够了:
curl --version
curl 7.87.0 (x86_64-apple-darwin22.0) libcurl/7.87.0 (SecureTransport) LibreSSL/3.3.6 zlib/1.2.11 nghttp2/1.51.0
Release-Date: 2022-12-21
卷曲,--aws-sig4 https://curl.se/docs/manpage.html#--aws-sigv4
好的,我能够让它工作,看起来像默认区域用于对 IAM 的调用,该调用仅接受美国东部1.
要求:-
curl --aws-sigv4 "aws:amz:us-east-1:iam" --user "AWS_KEY":"AWS_SECRET_XXX" "https://iam.amazonaws.com/?Action=GetUser&UserName=Dev-arpit&Version=2010-05-08"
回复:-
<GetUserResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
<GetUserResult>
<User>
<Path>/</Path>
<UserName>Dev-arpit</UserName>
<Arn>arn:aws:iam::XXXXX:user/Dev-arpit</Arn>
<UserId>XXXX</UserId>
<CreateDate>2023-05-19T04:26:17Z</CreateDate>
</User>
</GetUserResult>
<ResponseMetadata>
<RequestId>03ca9843-d003-4ca1-8d22-0c99a43cc78b</RequestId>
</ResponseMetadata>
</GetUserResponse>
希望能帮助到你!
本文内容由网友自发贡献,版权归原作者所有,本站不承担相应法律责任。如您发现有涉嫌抄袭侵权的内容,请联系:hwhale#tublm.com(使用前将#替换为@)