问题
We are using aws cli and it works perfectly, we can create taskdefinitions, create services, etc. The problem comes when we want to use the sdk for go. We always get a forbidden. We have tried to use a new empty session, a session specifying the region, asuming roles... nothing works. Does anyone know how we could solve it?
We have tried many things: - setting a new config when creating a new session:
Config: aws.Config{
CredentialsChainVerboseErrors: aws.Bool(true),
Credentials: credentials.NewEnvCredentials(),
Region: aws.String("eu-west-1"),
}
- asuming several roles in the session.NewSessionWithOptions:
AssumeRoleTokenProvider: stscreds.StdinTokenProvider
Nothing works. We always get a forbidden.
回答1:
By default the cli uses your credentials from ~/.aws/credentials and region from ~/.aws/config. Try this to create your session:
sess := session.Must(session.NewSessionWithOptions(session.Options{
SharedConfigState: session.SharedConfigEnable,
}))
来源:https://stackoverflow.com/questions/61524125/aws-sdk-for-go-forbidden-but-aws-cli-works-fine