I am trying to publish an SNS message to AWS with Spring Cloud. But I am a newbie with this and cannot understand the security settings. I created a user in AWS. I gave him an "AmazonSNSRole" role. I have this code:

    import org.slf4j.Logger;
    import org.slf4j.LoggerFactory;
    import org.springframework.beans.factory.annotation.Autowired;
    import org.springframework.cloud.aws.messaging.core.NotificationMessagingTemplate;
    import org.springframework.http.HttpStatus;
    import org.springframework.web.bind.annotation.*;

    @RestController
    @RequestMapping("/sns")
    public class SnsSenderController {

        private static final Logger theLogger = LoggerFactory.getLogger(SnsSenderController.class);

        private final NotificationMessagingTemplate notificationMessagingTemplate;

        @Autowired
        public SnsSenderController(NotificationMessagingTemplate notificationMessagingTemplate) {
            this.notificationMessagingTemplate = notificationMessagingTemplate;
        }

        @RequestMapping(value = "/send", method = RequestMethod.POST)
        @ResponseStatus(HttpStatus.OK)
        public void sendNotification(@RequestBody SnsNotification notification) {
            theLogger.debug("Going to send notification {}", notification);
            this.notificationMessagingTemplate.sendNotification("SnsTopic", notification.getMessage(), notification.getSubject());
        }
    }

I have beans.xml where I put the keys for my AWS user:

    <?xml version="1.0" encoding="UTF-8"?>
    <beans xmlns="http://www.springframework.org/schema/beans"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xmlns:aws-context="http://www.springframework.org/schema/cloud/aws/context"
           xmlns:aws-messaging="http://www.springframework.org/schema/cloud/aws/messaging"
           xsi:schemaLocation="http://www.springframework.org/schema/beans
               http://www.springframework.org/schema/beans/spring-beans.xsd
               http://www.springframework.org/schema/cloud/aws/context
               http://www.springframework.org/schema/cloud/aws/context/spring-cloud-aws-context-1.0.xsd
               http://www.springframework.org/schema/cloud/aws/messaging
               http://www.springframework.org/schema/cloud/aws/messaging/spring-cloud-aws-messaging-1.0.xsd">

        <!-- Define global credentials for all the AWS clients -->
        <aws-context:context-credentials>
            <aws-context:instance-profile-credentials/>
            <aws-context:simple-credentials access-key="accessKeyForMyUser"
                                            secret-key="secretKeyForMyUser"/>
        </aws-context:context-credentials>

        <!-- Messaging -->
        <aws-messaging:notification-messaging-template id="notificationMessagingTemplate" />
    </beans>

But when I am trying to send an SNS message I see this error:
02:08:36.445 [http-nio-8080-exec-4] ERROR o.a.c.c.C.[.[.[.[dispatcherServlet] - Servlet.service() for servlet [dispatcherServlet] in context with path [] threw exception [Request processing failed; nested exception is com.amazonaws.AmazonServiceException: The security token included in the request is invalid. (Service: AmazonSNS; Status Code: 403; Error Code: InvalidClientTokenId; Request ID: 65c99dfe-daf2-5f50-a408-d0013c568f48)] with root cause
com.amazonaws.AmazonServiceException: The security token included in the request is invalid. (Service: AmazonSNS; Status Code: 403; Error Code: InvalidClientTokenId; Request ID: 65c99dfe-daf2-5f50-a408-d0013c568f48)
Why so? Please, could somebody explain to me how to deal with it? It is a really difficult part for a newbie like me. Thank you in advance!
You need to provide either instance profile credentials or user credentials. Since you are using user credentials, remove the instance profile credentials from the Spring XML beans.