java - Aws S3 access denied issue -


I am trying to access an S3 bucket. I am able to do so from my local machine (i.e. local machine to S3 bucket), but I get an access denied error when trying to access it from an EC2 instance running Tomcat 8 and Java 8.

Also, when I upload a file, its permissions are set for the root user; if I keep the bucket public and upload a file from EC2, the permissions are not set for the root user.

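    /**
     * Uploads base64-encoded PDF reports to an S3 bucket and returns a
     * presigned GET url for the stored object.
     *
     * Identifiers are spelled in lower case exactly as they appear in the
     * listing, which has lost its original capitalisation.
     *
     * Security-relevant points for anyone reusing this class:
     * - The access key id, the secret key and the presigned url are
     *   credentials. They must not be written to the log; only the fact
     *   that they were resolved or generated is logged here.
     * - The client talks to S3 over https so report content is not sent in
     *   clear text.
     * - NOTE(review): the keys are looked up in a system property, then an
     *   environment variable, then the injected environment. An EC2 host
     *   may therefore resolve a different key pair than a developer
     *   machine, and a 403 AccessDenied depends on the policy attached to
     *   whichever identity is resolved. On EC2 an instance-profile role
     *   resolved through the SDK's DefaultAWSCredentialsProviderChain
     *   avoids long-lived keys altogether; confirm against the deployment.
     */
    public class amazons3utilservice {
        public static final string name = "amazons3util";

        // Names of the property / environment variable holding each setting.
        private static final string s3_secret = "s3_secret";
        private static final string s3_id = "s3_id";
        private static final string bucket_name = "s3_bucket";

        private static final string suffix = "/";
        private static final string default_folder_path = "phr/reports/";

        @autowired
        protected environment props;

        private awscredentials awscredentials = null;

        private amazons3 s3client = null;

        private string bucketname = null;

        private static final logger log = logger.getlogger(amazons3utilservice.class);

        /**
         * Creates the credentials object on first use. Each getter resolves its
         * value lazily: system property first, then environment variable, then
         * the injected environment.
         */
        private void prepareawscredentials() {
            if (awscredentials != null) {
                return;
            }
            log.info("preparing aws credentials");
            awscredentials = new awscredentials() {

                public string getawssecretkey() {
                    string secret = system.getproperty(amazons3utilservice.s3_secret);
                    if (secret == null) {
                        secret = system.getenv(amazons3utilservice.s3_secret);
                    }
                    if (secret == null) {
                        secret = props.getproperty(amazons3utilservice.s3_secret);
                    }
                    // Never log the secret itself; record only whether one was found.
                    log.info("s3_secret resolved: " + (secret != null));
                    return secret;
                }

                public string getawsaccesskeyid() {
                    string keyid = system.getproperty(amazons3utilservice.s3_id);
                    if (keyid == null) {
                        keyid = system.getenv(amazons3utilservice.s3_id);
                    }
                    if (keyid == null) {
                        keyid = props.getproperty(amazons3utilservice.s3_id);
                    }
                    // The key id identifies the account principal; keep it out of the log too.
                    log.info("s3_id resolved: " + (keyid != null));
                    return keyid;
                }
            };
        }

        /**
         * Creates the S3 client on first use and points it at the region named
         * by the "s3client.region" property.
         */
        private void prepareamazons3client() {
            if (s3client != null) {
                return;
            }
            log.info("preparing s3 client");
            clientconfiguration clientcfg = new clientconfiguration();
            // The original listing selected protocol.http, which sends report
            // content unencrypted; use TLS instead.
            clientcfg.setprotocol(protocol.https);
            s3client = new amazons3client(awscredentials, clientcfg);
            string regionname = props.getproperty("s3client.region");
            region region = region.getregion(regions.fromname(regionname));
            log.info("region ----->" + regionname);
            s3client.setregion(region);
        }

        /**
         * Reads the bucket name from the environment variable named by
         * bucket_name. The listing had one closing brace too many after this
         * method, which ended the class early; it is removed here.
         */
        private void preparebucketname() {
            bucketname = system.getenv(amazons3utilservice.bucket_name);
            log.info("bucketname ------>" + bucketname);
        }

        /**
         * Resets the credentials object and (re)initialises credentials, client
         * and bucket name before an upload.
         */
        private void prepare() {
            try {
                awscredentials = null;
                prepareawscredentials();
                prepareamazons3client();
                preparebucketname();
            } catch (amazonserviceexception ase) {
                log.error("caught amazonserviceexception, means request made "
                        + "to amazon s3, rejected error response reason.");
                log.error("error message:    " + ase.getmessage() + " http status code: " + ase.getstatuscode()
                        + " aws error code:   " + ase.geterrorcode() + " error type:       " + ase.geterrortype()
                        + " request id:       " + ase.getrequestid());

                // NOTE(review): the exception is constructed but never thrown, so
                // the caller continues as if preparation succeeded. Whether it
                // can be thrown here depends on its declaration, which is not
                // shown on this page.
                new amazons3clientexception(ase, ase.getmessage());
            } catch (amazonclientexception ace) {
                log.error(ace);
                // NOTE(review): constructed but never thrown, as above.
                new amazons3clientexception(ace, ace.getmessage());
            }
        }

        /**
         * Decodes the document, stores it in the bucket as a PDF and returns a
         * presigned url for it.
         *
         * @param uploaddocumentdetail document content and naming details
         * @return the presigned url as a string, or "" when anything fails
         */
        public string uploaddocument(uploaddocumentdetaildto uploaddocumentdetail) {
            prepare();
            string tempfilename = new simpledateformat("yyyy-mm-dd hh-mm-ss").format(new date());
            string fileurl = null;
            file uploadfilecontent = null;
            try {
                uploadfilecontent = readbase64file(uploaddocumentdetail.getfilecontent(), tempfilename);
                uploaddocumentdetail.setcontenttype(filecontenttypeenum.pdf);
                string uploadfilename = getuploadfilename(uploaddocumentdetail);
                putobjectrequest request = new putobjectrequest(bucketname, uploadfilename, uploadfilecontent);
                request.putcustomrequestheader("content-type", "application/pdf");
                request.putcustomrequestheader("content-disposition", "inline");
                s3client.putobject(request);
                url url = generatepresignedurlrequest(uploadfilename);
                fileurl = url.tostring();
            } catch (exception e) {
                log.info(loggerexception.printexception(e));
                fileurl = "";
            } finally {
                // The decoded report would otherwise stay on disk until the JVM
                // exits, which on a long-running server is effectively never.
                if (uploadfilecontent != null && !uploadfilecontent.delete()) {
                    log.warn("could not delete temporary upload file");
                }
            }

            return fileurl;
        }

        /**
         * Builds a presigned GET url for the given object key, valid for one hour.
         *
         * @param fileurl key of the object inside the bucket
         * @return the presigned url
         */
        public url generatepresignedurlrequest(string fileurl) {
            log.info("inside generatepresignedurlrequest");
            java.util.date expiration = new java.util.date();
            long msec = expiration.gettime();
            msec += 1000 * 60 * 60; // 1 hour.
            expiration.settime(msec);

            generatepresignedurlrequest generatepresignedurlrequest = new generatepresignedurlrequest(bucketname, fileurl);
            generatepresignedurlrequest.setmethod(httpmethod.get); // default.
            generatepresignedurlrequest.setexpiration(expiration);

            url s = s3client.generatepresignedurl(generatepresignedurlrequest);
            // Anyone holding the presigned url can read the object until it
            // expires, so the url itself is not logged.
            log.info("presigned url generated, expires " + expiration);
            return s;
        }

        /**
         * Builds the object key: default folder, optional beneficiary id and
         * document type folders, then the assessment id (or the default file
         * name) with the content type as extension. Also makes sure the folder
         * marker object exists.
         */
        private string getuploadfilename(uploaddocumentdetaildto uploaddocumentdetail) {
            stringbuffer uploadfilename = new stringbuffer();
            uploadfilename.append(default_folder_path);
            if (uploaddocumentdetail.getbeneficiaryid() != null) {
                uploadfilename.append(uploaddocumentdetail.getbeneficiaryid() + suffix);
            }

            if (uploaddocumentdetail.getdocumenttype() != null) {
                uploadfilename.append(uploaddocumentdetail.getdocumenttype().getname() + suffix);
            }

            // Check for the folder and create it when missing.
            validateandcreatefolder(uploadfilename.tostring());

            string extension = "." + uploaddocumentdetail.getcontenttype().getname();
            if (uploaddocumentdetail.getassesmentid() != null) {
                uploadfilename.append(uploaddocumentdetail.getassesmentid() + extension);
            } else {
                uploadfilename.append(uploaddocumentdetail.getdefaultfilename() + extension);
            }
            return uploadfilename.tostring();
        }

        /**
         * Decodes base64 content into a temporary file.
         *
         * @param content  base64 text of the document
         * @param filename prefix for the temporary file name
         * @return the temporary file; the caller is responsible for deleting it
         */
        private static file readbase64file(string content, string filename) throws exception {
            file tempfile = file.createtempfile(filename, ".tmp");
            // Backstop only; the caller deletes the file once the upload is done.
            tempfile.deleteonexit();
            // try-with-resources closes the stream even when the write fails.
            try (fileoutputstream out = new fileoutputstream(tempfile)) {
                out.write(base64.decodebase64(content));
            }
            return tempfile;
        }

        /**
         * Lists the objects under the given prefix and, when none are found,
         * stores an empty object with that key to act as the folder.
         *
         * @param foldername key prefix ending in "/"
         */
        public void validateandcreatefolder(string foldername) {
            list<s3objectsummary> filelist = null;
            try {
                filelist = s3client.listobjects(bucketname, foldername).getobjectsummaries();
            } catch (amazonserviceexception e) {
                // A rejected listing (for example 403 AccessDenied) goes to the
                // application log instead of stderr.
                log.error("listing objects was rejected by s3", e);
            } catch (amazonclientexception e) {
                log.error("listing objects failed on the client side", e);
            }
            // NOTE(review): a failed listing leaves filelist null and is treated
            // like an empty folder, so the put below is still attempted.
            if (filelist == null || filelist.isempty()) {
                // Folder marker: zero-length object whose key ends in "/".
                objectmetadata metadata = new objectmetadata();
                metadata.setcontentlength(0);
                inputstream emptycontent = new bytearrayinputstream(new byte[0]);
                putobjectrequest putobjectrequest = new putobjectrequest(bucketname, foldername, emptycontent, metadata);
                s3client.putobject(putobjectrequest);
            }
        }

        // The listing ends with the Javadoc of a method that first deletes the
        // files in a given folder and then the folder; the method itself is not
        // part of the listing.
    }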

I get the following exception when accessing S3 from the EC2 instance.

info  com.medscheme.common.util.amazons3utilservice  - com.amazonaws.services.s3.model.amazons3exception: access denied (service: amazon s3; status code: 403; error code: accessdenied; request id: 926e1213366626b9), s3 extended request id: zqbb4jcalyexhztdsv0gmwxohrqzjuv3m+jluiavjy/sdxw/qonfc8hizfangvcjwewztoqc7/a=     @ com.amazonaws.http.amazonhttpclient.handleerrorresponse(amazonhttpclient.java:1275)     @ com.amazonaws.http.amazonhttpclient.executeonerequest(amazonhttpclient.java:873)     @ com.amazonaws.http.amazonhttpclient.executehelper(amazonhttpclient.java:576)     @ com.amazonaws.http.amazonhttpclient.doexecute(amazonhttpclient.java:362)     @ com.amazonaws.http.amazonhttpclient.executewithtimer(amazonhttpclient.java:328)     @ com.amazonaws.http.amazonhttpclient.execute(amazonhttpclient.java:307)     @ com.amazonaws.services.s3.amazons3client.invoke(amazons3client.java:3649)     @ com.amazonaws.services.s3.amazons3client.invoke(amazons3client.java:3602)     @ com.amazonaws.services.s3.amazons3client.listobjects(amazons3client.java:679)     @ com.amazonaws.services.s3.amazons3client.listobjects(amazons3client.java:664)     @ com.medscheme.common.util.amazons3utilservice.validateandcreatefolder(amazons3utilservice.java:222)     @ com.medscheme.common.util.amazons3utilservice.getuploadfilename(amazons3utilservice.java:200)     @ com.medscheme.common.util.amazons3utilservice.uploaddocument(amazons3utilservice.java:166)     @ com.medscheme.service.impl.reportsserviceimpl.getreport(reportsserviceimpl.java:133)     @ com.medscheme.service.impl.reportsserviceimpl.getreport(reportsserviceimpl.java:1)     @ com.medscheme.controller.reportscontroller.getwellnessreportdetails(reportscontroller.java:69) 

I was able to resolve the issue by using the BasicAWSCredentials class instead of AWSCredentials while creating the Amazon client. The problem was with the EC2 instance. I still do not know what was going wrong on EC2.

